
Apache 2.0.54 exploit

From: Molle Bestefich <molle.bestefich_at_gmail.com>
Date: 2005-07-10 13:19:38 CEST


Apache is prone to an HTTP request smuggling attack.

A specially crafted request with a 'Transfer-Encoding: chunked' header
and a 'Content-Length' can cause the server to forward a reassembled
request with the original 'Content-Length' header. Due to this, the
malicious request may piggyback with the valid HTTP request.

It is possible that this attack may result in cache poisoning,
cross-site scripting, session hijacking and other attacks.

SecurityFocus lists Apache 2.0.54 and 2.0.55 as vulnerable.

Received on Sun Jul 10 13:20:32 2005

This is an archived mail posted to the Subversion Dev mailing list.