CVE-2021-46825

Affected products: Symantec Advanced Secure Gateway (ASG) and ProxySG. Vulnerability: HTTP desync/HTTP desmuggling where a remote, unauthenticated attacker can leverage crafted HTTP requests to cause the proxy to forward a web server’s responses to unintended clients when the attacker and other c...

PT-2022-3498 · Symantec · Proxysg +1

Name of the Vulnerable Software and Affected Versions: Symantec Advanced Secure Gateway ASG and ProxySG affected versions not specified Description: The issue is related to an HTTP desync vulnerability. When a remote unauthenticated attacker and other web clients communicate through the proxy wit...

Oracle Linux 7 : python-twisted-web (ELSA-2022-4930)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-4930 advisory. - Security fix for CVE-2022-24801: Possible http request smuggling Resolves: rhbz2073114 - Fix CVE-2020-10108 and CVE-2020-10109 multiple HTTP request smuggling...

CVE-2021-32715

hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a Content-Length header with a prefixed plus sign, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that doesn't parse such...

[SECURITY] [DLA 2991-1] twisted security update

Debian LTS Advisory DLA-2991-1 [email protected] https://www.debian.org/lts/security/ Stefano Rivera May 03, 2022 https://wiki.debian.org/LTS Package : twisted Version : 16.6.0-2+deb9u3 CVE ID : CVE-2022-24801 Debian Bug : 1009030 The Twisted Web HTTP 1.1 server, located in the...

SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:1477-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1477-1 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1....

python-twisted: possible http request smuggling

A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass through multiple HTT...

vcon address change not persistent across protocol components

Lines of code Vulnerability details Impact vcon address is allowed to be updated by GOVERNOR in Core, however, this change will not be reflected in CoreRef.vcon. Moreover, since CoreRef.vcon cannot be updated due to contract design, it is also impossible to fix this manually. We are not yet sure...

GHSA-C2JG-HW38-JRQQ Inconsistent Interpretation of HTTP Requests in twisted.web

The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230: 1. The Content-Length header value could have a + or - prefix. 2. Illegal characters were permitted in chunked extensions, such as the LF \n...

Inconsistent Interpretation of HTTP Requests in twisted.web

The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230: 1. The Content-Length header value could have a + or - prefix. 2. Illegal characters were permitted in chunked extensions, such as the LF \n...

CVE-2022-24801 HTTP Request Smuggling in twisted.web

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing...

CVE-2022-24801

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing...

totalFeiBoosted vars can desync in TurboSafe and TurboMaster

Lines of code Vulnerability details Impact The TurboSafe and TurboMaster contracts each keep track of totalFeiBoosted, getTotalFeiBoostedForVault, and Master keeps track of getTotalBoostedAgainstCollateral in addition. For the TurboMaster contract, these values should be the sum of the...

Exploit for HTTP Request Smuggling in Sap Content_Server

It is an offensive tool for SAP memory pipesMPI desynchronizat...

Http-Desync-Guardian - Analyze HTTP Requests To Minimize Risks Of HTTP Desync Attacks (Precursor For HTTP Request Smuggling/Splitting)

Overview HTTP/1.1 went through a long evolution since 1991 to 2014: HTTP/0.9 – 1991 HTTP/1.0 – 1996 HTTP/1.1 RFC 2068 – 1997 RFC 2616 - 1999 RFC 7230 - 2014 This means there is a variety of servers and clients, which might have different views on request boundaries, creating opportunities for...

Smuggler - An HTTP Request Smuggling / Desync Testing Tool

An HTTP Request Smuggling / Desync testing tool written in Python 3 Acknowledgements A special thanks to James Kettle for his research and methods into HTTP desyncs And a special thanks to Ben Sadeghipour for beta testing Smuggler and for allowing me to discuss my work at Nahamcon 2020 IMPORTANT...

GHSA-6HFQ-H8HQ-87MF HTTP Request Smuggling in hyper

Summary hyper's HTTP server code had a flaw that incorrectly understands some requests with multiple transfer-encoding headers to have a chunked payload, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that understands the request payload boundary different...

HTTP Request Smuggling in hyper

Summary hyper's HTTP server code had a flaw that incorrectly understands some requests with multiple transfer-encoding headers to have a chunked payload, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that understands the request payload boundary different...

HTTP/2 Request Smuggling

HTTP Request Smuggling also known as an HTTP Desync Attack has experienced a resurgence in security research recently, thanks in large part to the outstanding work by security researcher James Kettle. His 2019 Blackhat presentation on HTTP Desync attacks exposed vulnerabilities with different...

HTTP/2 Request Smuggling

HTTP Request Smuggling also known as an HTTP Desync Attack has experienced a resurgence in security research recently, thanks in large part to the outstanding work by security researcher James Kettle. His 2019 Blackhat presentation on HTTP Desync attacks exposed vulnerabilities with different...