Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 4.3
CVE Id: CVE-2005-2089
Last Modified: 05 Sep 2008 04:50:51
Published: 05 Jul 2005 12:00:00
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2005-2089

Summary

Microsoft IIS 5.0 and 6.0 allow remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request that contains both a "Transfer-Encoding: chunked" header and a Content-Length header. IIS incorrectly handles and forwards the body of such a request, so the receiving server processes it as a separate HTTP request, aka "HTTP Request Smuggling."

Vulnerable Systems

Application

  • Microsoft Internet Information Server 5.0

  • Microsoft Internet Information Server 6.0


References

MISC - http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf

MISC - http://www.securiteam.com/securityreviews/5GP0220G0U.html

BUGTRAQ - 20050606 A new whitepaper by Watchfire - HTTP Request Smuggling

XF - microsoft-iis-hrs(42899)


Last Updated: 27 May 2016 10:40:24