QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2005-2088

Back to search

CVE-2005-2088

Published: Jun 30, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

VendorProductVersions

n/a

n/a

affected
n/a

References

17319
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2005:018
vendor-advisory
x_refsource_SUSE
RHSA-2005:582
vendor-advisory
x_refsource_REDHAT
SUSE-SA:2005:046
vendor-advisory
x_refsource_SUSE
USN-160-2
vendor-advisory
x_refsource_UBUNTU
ADV-2005-2140
vdb-entry
x_refsource_VUPEN
17813
third-party-advisory
x_refsource_SECUNIA
ADV-2005-2659
vdb-entry
x_refsource_VUPEN
TSLSA-2005-0059
vendor-advisory
x_refsource_TRUSTIX
PK13959
vendor-advisory
x_refsource_AIXAPAR
SSA:2005-310-04
vendor-advisory
x_refsource_SLACKWARE
oval:org.mitre.oval:def:840
vdb-entry
signature
x_refsource_OVAL
ADV-2006-1018
vdb-entry
x_refsource_VUPEN
SSRT051251
vendor-advisory
x_refsource_HP
MDKSA-2005:130
vendor-advisory
x_refsource_MANDRIVA
19185
third-party-advisory
x_refsource_SECUNIA
14530
third-party-advisory
x_refsource_SECUNIA
ADV-2006-4680
vdb-entry
x_refsource_VUPEN
604
third-party-advisory
x_refsource_SREASON
17487
third-party-advisory
x_refsource_SECUNIA
HPSBUX02074
vendor-advisory
x_refsource_HP
19317
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2005-11-29
vendor-advisory
x_refsource_APPLE
HPSBUX02101
vendor-advisory
x_refsource_HP
oval:org.mitre.oval:def:1629
vdb-entry
signature
x_refsource_OVAL
1014323
vdb-entry
x_refsource_SECTRACK
19072
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:1237
vdb-entry
signature
x_refsource_OVAL
PK16139
vendor-advisory
x_refsource_AIXAPAR
DSA-805
vendor-advisory
x_refsource_DEBIAN
19073
third-party-advisory
x_refsource_SECUNIA
15647
vdb-entry
x_refsource_BID
SSRT051128
vendor-advisory
x_refsource_HP
14106
vdb-entry
x_refsource_BID
DSA-803
vendor-advisory
x_refsource_DEBIAN
23074
third-party-advisory
x_refsource_SECUNIA
102197
vendor-advisory
x_refsource_SUNALERT
oval:org.mitre.oval:def:1526
vdb-entry
signature
x_refsource_OVAL
102198
vendor-advisory
x_refsource_SUNALERT
oval:org.mitre.oval:def:11452
vdb-entry
signature
x_refsource_OVAL
ADV-2006-0789
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now