Home > Vulnerability Database > CVE-2005-2088

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2005-2088

Date: June 29, 2005

The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

Severity Score

3.7

Related Resources (63)

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1526

Url: https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

Url: https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

Url: http://secunia.com/advisories/17319

Url: https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html

Url: https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

Url: http://www.vupen.com/english/advisories/2006/4680

Url: http://www.vupen.com/english/advisories/2005/2659

Url: http://www.vupen.com/english/advisories/2005/2140

Url: https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

Url: http://secunia.com/advisories/19185

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A840

Url: https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

Url: http://secunia.com/advisories/23074

Url: http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf

Url: http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only

Url: https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

Url: https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1237

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2005:130

Url: http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00612828

Url: http://secunia.com/advisories/17487

Url: http://securitytracker.com/id?1014323

Url: https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E

Url: http://secunia.com/advisories/14530

Url: https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

Url: http://secunia.com/advisories/19073

Url: http://www.vupen.com/english/advisories/2006/0789

Url: http://www.securityfocus.com/archive/1/428138/100/0/threaded

Url: http://secunia.com/advisories/19072

Url: https://nvd.nist.gov/vuln/detail/CVE-2005-2088

Url: https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

Url: http://www.novell.com/linux/security/advisories/2005_46_apache.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1629

Url: https://security-tracker.debian.org/tracker/CVE-2005-2088

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1

Url: http://www.apache.org/dist/httpd/CHANGES_1.3

Url: http://secunia.com/advisories/17813

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11452

Url: http://www.debian.org/security/2005/dsa-803

Url: https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E

Url: http://secunia.com/advisories/19317

Url: http://docs.info.apple.com/article.html?artnum=302847

Url: http://www.debian.org/security/2005/dsa-805

Url: http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3

Url: http://www.securiteam.com/securityreviews/5GP0220G0U.html

Url: http://www.redhat.com/support/errata/RHSA-2005-582.html

Url: http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

Url: http://seclists.org/lists/bugtraq/2005/Jun/0025.html

Url: https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E

Url: http://www.securityfocus.com/bid/15647

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2005-2088

Url: http://securityreason.com/securityalert/604

Url: http://www.novell.com/linux/security/advisories/2005_18_sr.html

Url: http://www-1.ibm.com/support/search.wss?rs=0&q=PK13959&apar=only

Url: http://www.ubuntu.com/usn/usn-160-2

Url: http://www.securityfocus.com/bid/14106

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.600000

Url: http://www.apache.org/dist/httpd/CHANGES_2.0

Url: http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html

Url: http://www.vupen.com/english/advisories/2006/1018

Url: https://www.mend.io/vulnerability-database/CVE-2005-2088

Severity Score

3.7

Weakness Type (CWE)

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

CWE-444

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us