GHSA-4PPP-GPCR-7QF6 HTTP Request Smuggling: Content-Length Sent Twice in Waitress

Impact Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. So a request with: Content-Length: 10 Content-Length: 10 would get transformed to: Content-Length: 10, 10 Whic...

HTTP Request Smuggling: Content-Length Sent Twice in Waitress

Impact Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. So a request with: Content-Length: 10 Content-Length: 10 would get transformed to: Content-Length: 10, 10 Whic...

GHSA-G2XC-35JW-C63P HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress

Impact Waitress would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most...

HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress

Impact Waitress would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most...

CVE-2019-16786

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

CVE-2019-16786 HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

PT-2019-6225 · Waitress +3 · Waitress +3

Name of the Vulnerable Software and Affected Versions: Waitress versions prior to 1.4.0 Description: The issue is related to the incorrect parsing of the Transfer-Encoding header in Waitress. According to the HTTP standard, Transfer-Encoding should be a comma-separated list with the inner-most...

Race Condition in Web Applications

Even web application APIs can be subject to race conditions. Check out where it can happen such as the cases of HTTP pipelining, splitting HTTP and others. The post Race Condition in Web Applications appeared first on Wallarm Blog...

FreeBSD : haproxy -- information leak vulnerability (cbfa8bd7-24b6-11e5-86ff-14dae9d210b8)

HAProxy reports : A vulnerability was found when HTTP pipelining is used. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. I want to address sincere congratulations to Charlie...

Debian DSA-3301-1 : haproxy - security update

Charlie Smurthwaite of aTech Media discovered a flaw in HAProxy, a fast and reliable load balancing reverse proxy, when HTTP pipelining is used. A client can take advantage of this flaw to cause data corruption and retrieve uninitialized memory contents that exhibit data from a past request or...

DSA-3301-1 haproxy - security update

Bulletin has no description...

haproxy: information leakage

A vulnerability was found in the handling of HTTP pipelining. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. With the proper timing and by requesting files of specific sizes from...

openSUSE Security Update : nodejs (openSUSE-SU-2013:1863-1)

This update fixes the following security issue with nodejs : - fix CVE-2013-4450: nodejs: HTTP Pipelining DoS bnc846808 CVE-2013-4450-v0.10.x.patch: contains the fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

NodeJS: HTTP Pipelining DoS

The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service memory and CPU consumption by sending a large number of pipelined requests without reading the response...

Apache/IIS/nginx Multiple HTTP Servers (Memory Exhaustion) DoS

The attack involves making requests to the web server via HTTP pipelining and closing the connection before receiving a response, it causes the thread/fork is not advised and continue processing the request before attempting to send the response, the attack requires that the server has a...

CVE-2011-1475

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...

CVE-2011-1475

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...

CVE-2011-1475

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...