5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.074 Low
EPSS
Percentile
93.1%
The httpd packages provide the Apache HTTP Server, a powerful, efficient,
and extensible web server.
Multiple flaws were found in the way httpd parsed HTTP requests and
responses using chunked transfer encoding. A remote attacker could use
these flaws to create a specially crafted request, which httpd would decode
differently from an HTTP proxy software in front of it, possibly leading to
HTTP request smuggling attacks. (CVE-2015-3183)
All httpd users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, the httpd service will be restarted automatically.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | ppc64 | httpd-devel | < 2.2.15-47.el6_7 | httpd-devel-2.2.15-47.el6_7.ppc64.rpm |
RedHat | 6 | s390x | httpd-tools | < 2.2.15-47.el6_7 | httpd-tools-2.2.15-47.el6_7.s390x.rpm |
RedHat | 6 | x86_64 | httpd-tools | < 2.2.15-47.el6_7 | httpd-tools-2.2.15-47.el6_7.x86_64.rpm |
RedHat | 6 | noarch | httpd-manual | < 2.2.15-47.el6_7 | httpd-manual-2.2.15-47.el6_7.noarch.rpm |
RedHat | 6 | s390x | httpd-devel | < 2.2.15-47.el6_7 | httpd-devel-2.2.15-47.el6_7.s390x.rpm |
RedHat | 6 | x86_64 | httpd-debuginfo | < 2.2.15-47.el6_7 | httpd-debuginfo-2.2.15-47.el6_7.x86_64.rpm |
RedHat | 6 | ppc | httpd-devel | < 2.2.15-47.el6_7 | httpd-devel-2.2.15-47.el6_7.ppc.rpm |
RedHat | 6 | i686 | mod_ssl | < 2.2.15-47.el6_7 | mod_ssl-2.2.15-47.el6_7.i686.rpm |
RedHat | 6 | s390x | mod_ssl | < 2.2.15-47.el6_7 | mod_ssl-2.2.15-47.el6_7.s390x.rpm |
RedHat | 6 | ppc64 | httpd-tools | < 2.2.15-47.el6_7 | httpd-tools-2.2.15-47.el6_7.ppc64.rpm |