Lucene search

HTTP Request Smuggling

🗓️ 15 Jan 2019 09:33:07Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 21 Views

Vulnerability in Apache HTTP Server allows HTTP Request Smuggling

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 168
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM HTTP Server used by IBM WebSphere Application Server which is shipped with IBM PureApplication System (CVE-2015-3183)	15 Jun 201807:04	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerability in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Configuration Manager(CVE-2015-3183)	22 Jan 201916:30	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Network Manager IP Edition (CVE-2015-3183)	17 Jun 201815:10	–	ibm
IBM Security Bulletins	Security Bulletin: A HTTP server vulnerability affects IBM Security Access Manager for Web (CVE-2015-3183)	16 Jun 201821:39	–	ibm
IBM Security Bulletins	Security Bulletin:A security vulnerability has been identified in IBM HTTP Server used by IBM WebSphere Application Server which is shipped with IBM Workload Deployer (CVE-2015-3183)	15 Jun 201807:04	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with WebSphere Business Modeler Publishing Server (CVE-2015-3183)	15 Jun 201807:03	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-3183)	22 Sep 202203:02	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Intelligent Operations Center and related products (CVE-2015-3183)	19 Aug 202221:04	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2015-3183)	17 Jun 201815:10	–	ibm
IBM Security Bulletins	Security Bulletin: HTTP Request smuggling vulnerability may affect IBM HTTP Server (CVE-2015-3183)	8 Sep 202200:09	–	ibm

Vulners

Node

httpd httpdMatch2.2.15_9.el6

httpd httpdMatch2.2.15_39.el6

httpd httpdMatch2.2.15_29.el6_4

httpd httpdMatch2.2.15_9.el6_1.2

httpd httpdMatch2.2.15_26.el6

httpd httpdMatch2.2.15_45.el6

httpd httpdMatch2.2.15_30.el6_5

httpd httpdMatch2.2.15_28.el6_4

httpd httpdMatch2.2.15_31.el6_5

httpd httpdMatch2.2.15_15.el6

httpd httpdMatch2.2.15_9.el6_1.3

httpd httpdMatch2.2.15_15.el6_2.1

httpd httpdMatch2.2.15_5.el6

httpd httpdMatch2.2.15_69.el6.centos

httpd httpdMatch2.2.22_14.ep6.el6

httpd httpdMatch2.2.15_47.el6_7.4

httpd httpdMatch2.2.15_47.el6_7

httpd httpdMatch2.2.15_47.el6_7.1

httpd httpdMatch2.2.17_15.4.ep5.el6

httpd httpdMatch2.2.26_35.ep6.el6

httpd httpdMatch2.2.15_47.el6_7.3

httpd httpdMatch2.2.22_27.ep6.el6

httpd httpdMatch2.2.15_47.el6_7.2

httpd httpdMatch2.2.22_25.ep6.el6

httpd httpdMatch2.2.15_54.el6_8

httpd httpdMatch2.2.26_38.ep6.el6

httpd httpdMatch2.2.22_18.ep6.el6

httpd httpdMatch2.2.15_53.el6

httpd httpdMatch2.2.3_63.el5

httpd httpdMatch2.2.3_11.el5_1.3

httpd httpdMatch2.2.3_83.el5_9

httpd httpdMatch2.2.10_1.el5s2

httpd httpdMatch2.2.3_92.el5_11

httpd httpdMatch2.2.17_15.4.ep5.el5

httpd httpdMatch2.2.17_11.2.ep5.el6

httpd httpdMatch2.2.3_11.el5

httpd httpdMatch2.2.4_9.el5s2

httpd httpdMatch2.2.3_43.el5_5.3

httpd httpdMatch2.2.3_22.el5_3.2

httpd httpdMatch2.2.3_45.el5

httpd httpdMatch2.2.3_22.el5_3.1

httpd httpdMatch2.2.8_1.el5s2

httpd httpdMatch2.2.3_53.el5

httpd httpdMatch2.2.3_76.el5_9

httpd httpdMatch2.2.11_3.el5s2

httpd httpdMatch2.2.4_5.el5s2

httpd httpdMatch2.2.3_22.el5

httpd httpdMatch2.2.13_2.el5s2

httpd httpdMatch2.2.26_35.ep6.el5

httpd httpdMatch2.2.3_65.el5_8.3

httpd httpdMatch2.2.22_23.ep6.el6

httpd httpdMatch2.2.3_63.el5_8.1

httpd httpdMatch2.2.3_11.el5_2.4

httpd httpdMatch2.2.13_3.el5s2

httpd httpdMatch2.2.3_78.el5_9

httpd httpdMatch2.2.3_81.el5_9

httpd httpdMatch2.2.3_85.el5_10

httpd httpdMatch2.2.3_87.el5_10

httpd httpdMatch2.2.22_14.ep6.el5

httpd httpdMatch2.2.3_53.el5_7.1

httpd httpdMatch2.2.22_27.ep6.el5

httpd httpdMatch2.2.3_53.el5_7.3

httpd httpdMatch2.2.3_7.el5

httpd httpdMatch2.2.22_25.ep6.el5

httpd httpdMatch2.2.26_38.ep6.el5

httpd httpdMatch2.2.4_7.el5s2

httpd httpdMatch2.2.3_74.el5

httpd httpdMatch2.2.3_31.el5

httpd httpdMatch2.2.3_6.el5

httpd httpdMatch2.2.26_39.ep6.el6

httpd httpdMatch2.2.3_43.el5

httpd httpdMatch2.2.3_91.el5

httpd httpdMatch2.2.3_65.el5_8

httpd httpdMatch2.2.22_19.ep6.el5

httpd httpdMatch2.2.3_45.el5_6.1

httpd httpdMatch2.2.3_83.el5_10

httpd httpdMatch2.2.11_2.el5s2

httpd httpdMatch2.2.3_31.el5_4.2

httpd httpdMatch2.2.3_31.el5_4.4

httpd httpdMatch2.2.3_82.el5_9

hornetq-native hornetq-nativeMatch2.3.25_3.final_redhat_1.ep6.el6

hornetq-native hornetq-nativeMatch2.3.25_3.final_redhat_1.ep6.el7

hornetq-native hornetq-nativeMatch2.3.20_2.final_redhat_1.ep6.el7

hornetq-native hornetq-nativeMatch2.3.8_1.final_redhat_1.ep6.el6

hornetq-native hornetq-nativeMatch2.3.5_1.final_redhat_1.ep6.el6

hornetq-native hornetq-nativeMatch2.3.20_2.final_redhat_1.ep6.el6

hornetq-native hornetq-nativeMatch2.2.21_1.final.ep6.el6

hornetq-native hornetq-nativeMatch2.3.1_1.final_redhat_1.ep6.el6

hornetq-native hornetq-nativeMatch2.2.16_2.final.ep6.el6

hornetq-native hornetq-nativeMatch2.2.20_1.eap.ga.ep5.el6

mod_jk mod_jkMatch1.2.36_4.ep6.el6

mod_jk mod_jkMatch1.2.40_2.redhat_1.ep6.el7

mod_jk mod_jkMatch1.2.37_4.redhat_3.ep6.el6

mod_jk mod_jkMatch1.2.40_3.redhat_2.ep6.el6

mod_jk mod_jkMatch1.2.36_5.ep6.el6

mod_jk mod_jkMatch1.2.37_2.redhat_1.ep6.el6

mod_jk mod_jkMatch1.2.31_1.1.2.ep5.el6

mod_jk mod_jkMatch1.2.40_2.redhat_1.ep6.el6

mod_jk mod_jkMatch1.2.40_3.redhat_2.ep6.el7

tomcat-native tomcat-nativeMatch1.1.30_2.redhat_1.ep6.el7

tomcat-native tomcat-nativeMatch1.1.23_4.ep6.el6

tomcat-native tomcat-nativeMatch1.1.27_4.redhat_1.ep6.el6

tomcat-native tomcat-nativeMatch1.1.24_1.ep6.el6

tomcat-native tomcat-nativeMatch1.1.32_3.redhat_1.ep6.el7

tomcat-native tomcat-nativeMatch1.1.32_3.redhat_1.ep6.el6

tomcat-native tomcat-nativeMatch1.1.30_2.redhat_1.ep6.el6

tomcat-native tomcat-nativeMatch1.1.20_2.1.2.ep5.el6

httpd22 httpd22Match2.2.26_38.ep6.el7

httpd22 httpd22Match2.2.26_37.ep6.el7

httpd22 httpd22Match2.2.26_41.ep6.el7

httpd24-httpd httpd24-httpdMatch2.4.6_16.el6

httpd24-httpd httpd24-httpdMatch2.4.6_22.el6

httpd24-httpd httpd24-httpdMatch2.4.12_3.el6

httpd24-httpd httpd24-httpdMatch2.4.6_18.el6

mod_cluster-native mod_cluster-nativeMatch1.0.10_3.1.1.ga_cp02.ep5.el6

mod_cluster-native mod_cluster-nativeMatch1.0.10_10.ga_cp04_patch01.ep5.el6

mod_cluster-native mod_cluster-nativeMatch1.2.1_4.final.ep6.el5

mod_cluster-native mod_cluster-nativeMatch1.2.6_1.final.redhat_1.ep6.el5

mod_cluster-native mod_cluster-nativeMatch1.2.3_2.final.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.2.9_4.final_redhat_2.ep6.el5

mod_cluster-native mod_cluster-nativeMatch1.0.10_2.1.1.ga_cp01.ep5.el6

mod_cluster-native mod_cluster-nativeMatch1.0.10_4.1.1.ga_cp02.ep5.el6

mod_cluster-native mod_cluster-nativeMatch1.2.3_2.final.ep6.el5

mod_cluster-native mod_cluster-nativeMatch1.0.10_4.1.ga_cp02.ep5.el5

mod_cluster-native mod_cluster-nativeMatch1.2.9_3.final_redhat_2.ep6.el5

mod_cluster-native mod_cluster-nativeMatch1.2.4_1.final.redhat_1.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.2.9_4.final_redhat_2.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.0.10_10.ga_cp04_patch01.ep5.el5

mod_cluster-native mod_cluster-nativeMatch1.2.9_4.final_redhat_2.ep6.el7

mod_cluster-native mod_cluster-nativeMatch1.2.3_3.final.ep6.el5

mod_cluster-native mod_cluster-nativeMatch1.2.3_3.final.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.2.6_1.final.redhat_1.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.2.9_3.final_redhat_2.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.2.1_3.final.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.0.10_2.1.ga_cp01.ep5.el5

mod_cluster-native mod_cluster-nativeMatch1.0.10_3.1.ga_cp02.ep5.el5

mod_cluster-native mod_cluster-nativeMatch1.2.4_1.final.redhat_1.ep6.el5

mod_cluster-native mod_cluster-nativeMatch1.2.9_3.final_redhat_2.ep6.el7

mod_cluster-native mod_cluster-nativeMatch1.3.1_5.final_redhat_2.ep7.el6

mod_cluster-native mod_cluster-nativeMatch1.2.11_2.final_redhat_2.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.2.9_6.final_redhat_2.ep6.el6

mod_cluster-native mod_cluster-nativeMatch1.2.11_2.final_redhat_2.ep6.el7

mod_cluster-native mod_cluster-nativeMatch1.3.1_5.final_redhat_2.ep7.el7

mod_cluster-native mod_cluster-nativeMatch1.2.9_6.final_redhat_2.ep6.el7

tomcat8 tomcat8Match8.0.18_25_patch_00.ep7.el6

tomcat8 tomcat8Match8.0.18_15_patch_00.ep7.el6

tomcat8 tomcat8Match8.0.18_25_patch_00.ep7.el7

tomcat8 tomcat8Match8.0.18_15_patch_00.ep7.el7

apache-commons-collections-eap6 apache-commons-collections-eap6Match3.2.1_13.redhat_2.ep6.el6.1

apache-commons-collections-eap6 apache-commons-collections-eap6Match3.2.1_16.redhat_5.1.ep6.el6

apache-commons-collections-eap6 apache-commons-collections-eap6Match3.2.1_15.redhat_3.1.ep6.el6

apache-commons-collections-eap6 apache-commons-collections-eap6Match3.2.1_10.redhat_1.ep6.el6

apache-commons-collections-eap6 apache-commons-collections-eap6Match3.2.1_15.redhat_3.1.ep6.el7

apache-commons-collections-eap6 apache-commons-collections-eap6Match3.2.1_16.redhat_5.1.ep6.el7

tomcat7 tomcat7Match7.0.54_6_patch_02.ep6.el6

tomcat7 tomcat7Match7.0.54_7_patch_02.ep6.el6

tomcat7 tomcat7Match7.0.40_9_patch_02.ep6.el6

tomcat7 tomcat7Match7.0.40_11_patch_03.ep6.el6

tomcat7 tomcat7Match7.0.30_3_patch_01.ep6.el6

tomcat7 tomcat7Match7.0.59_26_patch_00.ep7.el6

tomcat7 tomcat7Match7.0.30_7_patch_03.ep6.el6

tomcat7 tomcat7Match7.0.54_19_patch_04.ep6.el6

tomcat7 tomcat7Match7.0.54_21_patch_05.ep6.el6

tomcat7 tomcat7Match7.0.59_16_patch_00.ep7.el6

tomcat7 tomcat7Match7.0.40_5_patch_01.ep6.el6

tomcat7 tomcat7Match7.0.30_5_patch_02.ep6.el6

tomcat7 tomcat7Match7.0.54_10_patch_02.ep6.el6

tomcat7 tomcat7Match7.0.54_8_patch_02.ep6.el7

tomcat7 tomcat7Match7.0.54_21_patch_05.ep6.el7

tomcat7 tomcat7Match7.0.59_26_patch_00.ep7.el7

tomcat7 tomcat7Match7.0.54_5_patch_02.ep6.el7

tomcat7 tomcat7Match7.0.54_20_patch_04.ep6.el7

tomcat7 tomcat7Match7.0.54_4_patch_02.ep6.el7

tomcat7 tomcat7Match7.0.59_16_patch_00.ep7.el7

mod_bmx mod_bmxMatch0.9.5_5.ga.ep7.el6

mod_bmx mod_bmxMatch0.9.5_4.ga.ep7.el6

mod_bmx mod_bmxMatch0.9.5_4.ga.ep7.el7

mod_bmx mod_bmxMatch0.9.5_5.ga.ep7.el7

httpd24 httpd24Match2.4.6_56.ep7.el6

httpd24 httpd24Match1.1_4.el6

httpd24 httpd24Match1.1_5.el6

httpd24 httpd24Match2.4.6_56.ep7.el7

Source	Link
securitytracker	www.securitytracker.com/id/1032967
securityfocus	www.securityfocus.com/bid/75963
securityfocus	www.securityfocus.com/bid/91787
lists	www.lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
lists	www.lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
rhn	www.rhn.redhat.com/errata/RHSA-2015-1668.html
access	www.access.redhat.com/security/updates/classification/
debian	www.debian.org/security/2015/dsa-3325
security	www.security.gentoo.org/glsa/201610-02
lists	www.lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Jan 2019 09:07Current

5.8Medium risk

Vulners AI Score5.8

CVSS25

EPSS0.37363