Apache 2.0.54 exploit

From: Molle Bestefich <molle.bestefich_at_gmail.com>
Date: 2005-07-10 13:19:38 CEST

http://www.securityfocus.com/bid/14106

"
Apache is prone to an HTTP request smuggling attack.

A specially crafted request with a 'Transfer-Encoding: chunked' header
and a 'Content-Length' can cause the server to forward a reassembled
request with the original 'Content-Length' header. Due to this, the
malicious request may piggyback with the valid HTTP request.

It is possible that this attack may result in cache poisoning,
cross-site scripting, session hijacking and other attacks.
"

SecurityFocus lists Apache 2.0.54 and 2.0.55 as vulnerable..

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sun Jul 10 13:20:32 2005

This message: [ Message body ]
Next message: Max Bowsher: "Re: Clean up anchors"
Previous message: Max Bowsher: "Re: svn commit: propchange - r15309 - svn:log"
Next in thread: Ben Reser: "Re: Apache 2.0.54 exploit"
Reply: Ben Reser: "Re: Apache 2.0.54 exploit"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]