3652 matches found
CVE-2005-2089
Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes IIS to incorrectly handle and forward the bo...
CVE-2005-2090
Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...
CVE-2005-2091
CVE-2005-2091 affects IBM WebSphere 5.0/5.1. The vulnerability arises from how WebSphere handles HTTP requests that include both Transfer-Encoding: chunked and a Content-Length header, causing the body to be forwarded in a way that can be treated as a separate HTTP request. This enables remote at...
CVE-2005-2092
The CVE-2005-2092 entry describes a vulnerability in BEA Systems WebLogic 8.1 SP1 where a crafted HTTP request with both a Transfer-Encoding: chunked header and a Content-Length header causes WebLogic to mis-handle the request body, leading to HTTP Request Smuggling. This can allow remote attacke...
CVE-2005-2094
Sun SunONE web server 6.1 SP1 is affected by CVE-2005-2094. The vulnerability arises in HTTP request processing when a request contains both Transfer-Encoding: chunked and Content-Length headers, leading SunONE to mishandle and forward the request body as if it were a separate HTTP request. This ...
CVE-2005-2092
BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebLogic to incorrectly handle and forwar...
CVE-2005-2088
The CVE-2005-2088 vulnerability affects the Apache HTTP Server when acting as an HTTP proxy. Specifically, versions before 1.3.34 and 2.0.x before 2.0.55 are susceptible. The issue arises from handling a request containing both Transfer-Encoding: chunked and Content-Length, causing the body to be...
CVE-2005-2090
CVE-2005-2090 affects Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0): it enables HTTP Request Smuggling via a request containing both Transfer-Encoding: chunked and Content-Length, causing the body to be mis‑interpreted and processed as a new request. This issue is noted to hav...
PT-2005-3031 · Microsoft · Iis
Name of the Vulnerable Software and Affected Versions: Microsoft IIS versions 5.0 through 6.0 Description: The issue allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a Transfer-Encoding: chunked head...
Microsoft ISA Server HTTP Request Smuggling Vulnerability
Description Microsoft Internet Security and Acceleration ISA server is reported prone to a HTTP request smuggling attack. The vendor reports that Microsoft ISA server fails to correctly handle an invalid HTTP request that contains multiple 'Content-Length' values in an invalid HTTP header. A remo...
Fedora Core 3 : squid-2.5.STABLE9-1.FC3.6 (2005-373)
Mon May 16 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.6 - More upstream patches, including ones for bz157456 CVE-2005-1519 DNS lookups unreliable on untrusted networks bz156162 CVE-1999-0710 cachemgr.cgi access control bypass - The following bugs had already been fixed, but the announcements were lost...
Single crafted HTTP request may result in multiple responses
Overview Some HTTP handling devices are vulnerable to a flaw which may allow a specially crafted request to elicit multiple responses, some of which may be controlled by the attacker. These attacks may result in cache poisoning, information leakage, cross-site scripting, and other outcomes...