Apache HTTP Request Smuggling Vulnerability

Apache is prone to an HTTP-request-smuggling attack.

A specially crafted request with a 'Transfer-Encoding: chunked' header and a 'Content-Length' header can cause the server to forward a reassembled request with the original 'Content-Length' header. As a result, the malicious request may piggyback on the valid HTTP request.

This attack may result in cache poisoning, cross-site scripting, session hijacking, and other attacks.

NOTE: This issue was originally described in BID 13873 (Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities). Since vendor confirmation and more details are available, the issue has now been assigned a new BID.
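
One way to check for and correct the request shape described above, as an added example that is not from the original advisory or from Apache's code: it flags a request carrying both headers and rebuilds it so the forwarded Content-Length is the length of the reassembled body. The function names and the sample request are constructed for illustration.

```python
# Constructed sample request: declares 4 bytes but carries a 5-byte chunked body.
SAMPLE = (b"POST /form HTTP/1.1\r\nHost: example.test\r\n"
          b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n"
          b"5\r\nhello\r\n0\r\n\r\n")

def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (request_line, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    headers = [(n.strip().lower(), v.strip())
               for n, _, v in (line.partition(":") for line in lines[1:])]
    return lines[0], headers, body

def is_chunked(headers) -> bool:
    # Substring match is deliberately broad so odd spellings are still flagged.
    return any(n == "transfer-encoding" and "chunked" in v.lower()
               for n, v in headers)

def has_te_cl_conflict(headers) -> bool:
    """True when chunked Transfer-Encoding and Content-Length coexist.
    RFC 7230 section 3.3.3 says such a message ought to be handled as an error."""
    return is_chunked(headers) and any(n == "content-length" for n, _ in headers)

def dechunk(body: bytes) -> bytes:
    """Reassemble a chunked body; raises ValueError on malformed framing."""
    out, pos = b"", 0
    while True:
        eol = body.index(b"\r\n", pos)
        size = int(body[pos:eol].split(b";")[0], 16)  # drop chunk extensions
        if size == 0:
            return out
        chunk = body[eol + 2:eol + 2 + size]
        if len(chunk) != size or body[eol + 2 + size:eol + 4 + size] != b"\r\n":
            raise ValueError("truncated or malformed chunk")
        out += chunk
        pos = eol + 4 + size

def normalize_for_forwarding(raw: bytes) -> bytes:
    """Rebuild the request so the forwarded Content-Length is the length of
    the reassembled body, never the value the client originally sent."""
    request_line, headers, body = parse_request(raw)
    if is_chunked(headers):
        body = dechunk(body)
    kept = [(n, v) for n, v in headers
            if n not in ("transfer-encoding", "content-length")]
    kept.append(("content-length", str(len(body))))
    head = "\r\n".join([request_line] + [f"{n}: {v}" for n, v in kept])
    return head.encode("latin-1") + b"\r\n\r\n" + body
```

Rejecting the request outright when `has_te_cl_conflict` returns true is the stricter alternative to normalizing it.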


 

Copyright 2010, SecurityFocus