Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 4.3 (CVSS v2 base score)
CVE Id CVE-2005-2090
Last Modified 07 Mar 2011 09:23:22
Published 05 Jul 2005 12:00:00
Confidentiality Impact NONE
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2090

Summary

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allow remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request that carries both a "Transfer-Encoding: chunked" header and a Content-Length header. Tomcat handles and forwards the body of such a request incorrectly, so that the receiving server processes part of it as a separate HTTP request, aka "HTTP Request Smuggling."
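The ambiguity described above arises because two parsers can frame the same byte stream differently when a request carries both Content-Length and Transfer-Encoding: chunked. The following is an added illustration, not code from the Tomcat project or from the referenced advisories: a toy HTTP request parser with three framing policies (trust Content-Length, trust chunked, or reject requests that carry both, which RFC 7230 section 3.3.3 allows a receiver to do). The request stream, the /app and /admin paths and the host name example.test are constructed here for the demonstration; the function names are this example's own.

```python
"""
Toy HTTP/1.1 request framing, to show how a Content-Length parser and a
Transfer-Encoding: chunked parser split one stream into different requests
(the mechanism behind HTTP request smuggling). Example code, not Tomcat's.
"""

CRLF = b"\r\n"


def _read_head(stream):
    """Split off the request line and headers; return (request_line, headers, body_offset)."""
    end = stream.find(CRLF + CRLF)
    if end < 0:
        raise ValueError("incomplete request head")
    lines = stream[:end].decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers, end + len(CRLF + CRLF)


def _read_chunked(stream, pos):
    """Decode a chunked body starting at pos; return (body, offset just past the terminator)."""
    body = bytearray()
    while True:
        line_end = stream.find(CRLF, pos)
        if line_end < 0:
            raise ValueError("truncated chunk-size line")
        size = int(stream[pos:line_end].split(b";")[0], 16)  # chunk extensions are ignored
        pos = line_end + len(CRLF)
        if size == 0:
            # last-chunk: skip the (possibly empty) trailer section up to the blank line
            trailer_end = stream.find(CRLF + CRLF, pos - len(CRLF))
            if trailer_end < 0:
                raise ValueError("truncated trailer section")
            return bytes(body), trailer_end + len(CRLF + CRLF)
        body += stream[pos:pos + size]
        pos += size
        if stream[pos:pos + len(CRLF)] != CRLF:
            raise ValueError("chunk data not followed by CRLF")
        pos += len(CRLF)


def parse_request(stream, policy):
    """
    Frame one request from the front of `stream` and return (request_line, body, remainder).

    policy: "cl"     trust Content-Length when both headers are present
            "te"     trust Transfer-Encoding when both are present
            "strict" reject a request that carries both headers
    """
    request_line, headers, pos = _read_head(stream)
    has_cl = "content-length" in headers
    has_te = "transfer-encoding" in headers

    if has_cl and has_te:
        if policy == "strict":
            raise ValueError("ambiguous framing: Content-Length and Transfer-Encoding both present")
        use_te = policy == "te"
    else:
        use_te = has_te

    if use_te:
        if headers["transfer-encoding"][-1].lower() != "chunked":
            raise ValueError("unsupported Transfer-Encoding")
        body, end = _read_chunked(stream, pos)
    elif has_cl:
        if len(set(headers["content-length"])) != 1:
            raise ValueError("conflicting Content-Length values")
        end = pos + int(headers["content-length"][0])
        if end > len(stream):
            raise ValueError("body shorter than Content-Length")
        body = stream[pos:end]
    else:
        body, end = b"", pos          # no body (e.g. a plain GET)
    return request_line, body, stream[end:]


def frame_all(stream, policy):
    """Return the request lines a parser with the given policy sees in `stream`."""
    seen = []
    while stream:
        request_line, _body, stream = parse_request(stream, policy)
        seen.append(request_line)
    return seen


def build_cl_te_stream():
    """Constructed sample (not a captured request): Content-Length covers the whole payload,
    but under chunked framing the body ends at the zero-size chunk and the rest looks like
    a second request."""
    smuggled = b"GET /admin HTTP/1.1\r\nHost: example.test\r\n\r\n"
    body = b"0\r\n\r\n" + smuggled
    head = (b"POST /app HTTP/1.1\r\n"
            b"Host: example.test\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n"
            b"Transfer-Encoding: chunked\r\n\r\n")
    return head + body


if __name__ == "__main__":
    stream = build_cl_te_stream()
    print("Content-Length parser sees:", frame_all(stream, "cl"))   # one request
    print("chunked parser sees:       ", frame_all(stream, "te"))   # two requests
    try:
        frame_all(stream, "strict")
    except ValueError as exc:
        print("strict parser rejects:     ", exc)
```

A Content-Length parser treats the whole payload as the body of a single POST, while a chunked parser stops at the zero-size chunk and parses the remaining bytes as a second request for /admin. Whichever component sits in front (a cache, WAF or reverse proxy) sees only what its own policy yields, which is why the smuggled request can evade filtering or be cached under the wrong key. The "strict" policy shows the defensive option: refuse to frame a request that carries both headers.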

Vulnerable Systems

Application

  • Apache Coyote Http Connector 1.0

  • Apache Coyote Http Connector 1.1

  • Apache Tomcat 4.1.24

  • Apache Tomcat 5.0.19


References

MISC - http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf

VUPEN - ADV-2009-0233

VUPEN - ADV-2008-1979

VUPEN - ADV-2008-0065

VUPEN - ADV-2007-3386

VUPEN - ADV-2007-3087

VUPEN - ADV-2007-2732

BUGTRAQ - 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

BUGTRAQ - 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

MISC - http://www.securiteam.com/securityreviews/5GP0220G0U.html

CONFIRM - http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

SECUNIA - 33668

BUGTRAQ - 20050606 A new whitepaper by Watchfire - HTTP Request Smuggling

HP - SSRT071447

CONFIRM - http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

BID - 25159

BID - 13873

BUGTRAQ - 20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1

REDHAT - RHSA-2008:0261

REDHAT - RHSA-2007:0360

REDHAT - RHSA-2007:0327

CONFIRM - http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html

CONFIRM - http://tomcat.apache.org/security-6.html

CONFIRM - http://tomcat.apache.org/security-5.html

CONFIRM - http://tomcat.apache.org/security-4.html

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm

SUNALERT - 239312

SECTRACK - 1014365

SECUNIA - 30908

SECUNIA - 30899

SECUNIA - 29242

SECUNIA - 28365

SECUNIA - 27037

SECUNIA - 26660

SECUNIA - 26235

MLIST - [Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1

SUSE - SUSE-SR:2008:005

APPLE - APPLE-SA-2007-07-31

HP - HPSBUX02262

CONFIRM - http://docs.info.apple.com/article.html?artnum=306172


Last Updated: 27 May 2016 10:40:24