CVE - CVE-2005-2090

CVE-ID
CVE-2005-2090	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20050606 A new whitepaper by Watchfire - HTTP Request Smuggling URL:http://seclists.org/lists/bugtraq/2005/Jun/0025.html BUGTRAQ:20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 URL:http://www.securityfocus.com/archive/1/485938/100/0/threaded BUGTRAQ:20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) URL:http://www.securityfocus.com/archive/1/500412/100/0/threaded BUGTRAQ:20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities URL:http://www.securityfocus.com/archive/1/500396/100/0/threaded MLIST:[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 URL:http://lists.vmware.com/pipermail/security-announce/2008/000003.html MISC:http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf MISC:http://www.securiteam.com/securityreviews/5GP0220G0U.html CONFIRM:http://tomcat.apache.org/security-4.html CONFIRM:http://tomcat.apache.org/security-5.html CONFIRM:http://tomcat.apache.org/security-6.html CONFIRM:http://docs.info.apple.com/article.html?artnum=306172 CONFIRM:http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm CONFIRM:http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx CONFIRM:http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540 APPLE:APPLE-SA-2007-07-31 URL:http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html HP:HPSBUX02262 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 HP:SSRT071447 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 REDHAT:RHSA-2007:0327 URL:http://www.redhat.com/support/errata/RHSA-2007-0327.html REDHAT:RHSA-2007:0360 URL:http://www.redhat.com/support/errata/RHSA-2007-0360.html REDHAT:RHSA-2008:0261 URL:http://www.redhat.com/support/errata/RHSA-2008-0261.html SUNALERT:239312 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1 SUSE:SUSE-SR:2008:005 URL:http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html BID:25159 URL:http://www.securityfocus.com/bid/25159 BID:13873 URL:http://www.securityfocus.com/bid/13873 OVAL:oval:org.mitre.oval:def:10499 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499 VUPEN:ADV-2007-2732 URL:http://www.vupen.com/english/advisories/2007/2732 VUPEN:ADV-2007-3087 URL:http://www.vupen.com/english/advisories/2007/3087 VUPEN:ADV-2007-3386 URL:http://www.vupen.com/english/advisories/2007/3386 VUPEN:ADV-2008-0065 URL:http://www.vupen.com/english/advisories/2008/0065 VUPEN:ADV-2008-1979 URL:http://www.vupen.com/english/advisories/2008/1979/references VUPEN:ADV-2009-0233 URL:http://www.vupen.com/english/advisories/2009/0233 SECTRACK:1014365 URL:http://securitytracker.com/id?1014365 SECUNIA:26235 URL:http://secunia.com/advisories/26235 SECUNIA:26660 URL:http://secunia.com/advisories/26660 SECUNIA:27037 URL:http://secunia.com/advisories/27037 SECUNIA:28365 URL:http://secunia.com/advisories/28365 SECUNIA:29242 URL:http://secunia.com/advisories/29242 SECUNIA:30908 URL:http://secunia.com/advisories/30908 SECUNIA:30899 URL:http://secunia.com/advisories/30899 SECUNIA:33668 URL:http://secunia.com/advisories/33668
Assigning CNA
N/A
Date Entry Created
20050630	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20050630)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org