CVE-2005-2088

Vulnerability Description

The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://docs.info.apple.com/article.html?artnum=302847Broken Link
• http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.htmlBroken Link
• http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3Mailing ListThird Party Advisory
• http://seclists.org/lists/bugtraq/2005/Jun/0025.htmlIssue TrackingMailing ListThird Party Advisory
• http://secunia.com/advisories/14530Not Applicable
• http://secunia.com/advisories/17319Not Applicable
• http://secunia.com/advisories/17487Not Applicable
• http://secunia.com/advisories/17813Not Applicable
• http://secunia.com/advisories/19072Not Applicable
• http://secunia.com/advisories/19073Not Applicable
• http://secunia.com/advisories/19185Not Applicable
• http://secunia.com/advisories/19317Not Applicable
• http://secunia.com/advisories/23074Not Applicable
• http://securityreason.com/securityalert/604ExploitThird Party Advisory
• http://securitytracker.com/id?1014323Broken LinkThird Party AdvisoryVDB Entry