Vulnerability Name: CVE-2005-2090 (CCN-48211)
Assigned: 2005-06-06
Published: 2005-06-06
Updated: 2019-04-15
Summary: Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allow remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
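The framing ambiguity the summary describes, as an added example (not Tomcat's code): a request-header check that follows RFC 7230 section 3.3.3 and rejects any request carrying both Transfer-Encoding and Content-Length, plus a count of the bytes a Content-Length-honouring parser would leave on the connection. The sample requests and host name are constructed.

```python
"""Detect the CVE-2005-2090 framing ambiguity in raw HTTP/1.1 requests.
Added example, not Tomcat code. RFC 7230 s.3.3.3: when both Transfer-Encoding
and Content-Length are present, Transfer-Encoding governs and a server or
proxy should reject the request or drop Content-Length; a parser that honours
Content-Length instead leaves trailing bytes to be read as a second request.
"""
from __future__ import annotations

# Constructed sample requests (host and path are placeholders).
AMBIGUOUS = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
             b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n"
             b"0\r\n\r\n")                       # 5 body bytes, CL says 4
CLEAN_CL = b"POST /app HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"
CLEAN_TE = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
            b"Transfer-Encoding: chunked\r\n\r\n0\r\n\r\n")


def parse_headers(raw: bytes) -> tuple[str, list[tuple[str, str]], bytes]:
    """Split raw request bytes into request line, (name, value) headers, body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers.append((name.strip().decode("ascii").lower(),
                        value.strip().decode("ascii")))
    return lines[0].decode("ascii"), headers, body


def framing_verdict(raw: bytes) -> str:
    """Return 'chunked', 'content-length', 'none', or 'reject' (ambiguous)."""
    _, headers, _ = parse_headers(raw)
    te = [v for n, v in headers if n == "transfer-encoding"]
    cl = [v for n, v in headers if n == "content-length"]
    if te and cl:
        return "reject"           # both present: the smuggling precondition
    if te:
        # Body length is only determinable if the final coding is chunked.
        return "chunked" if te[-1].split(",")[-1].strip().lower() == "chunked" else "reject"
    if cl:
        return "content-length" if len(set(cl)) == 1 and cl[0].isdigit() else "reject"
    return "none"


def leftover_after_content_length(raw: bytes) -> int:
    """Bytes a Content-Length-honouring parser leaves unread; any value above
    zero is what a downstream server would treat as the next request."""
    _, headers, body = parse_headers(raw)
    cl = next((int(v) for n, v in headers if n == "content-length"), 0)
    return max(len(body) - cl, 0)
```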
CVSS v3 Severity: 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N); 3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C); 1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
Vulnerable Configuration: Configuration 1, Configuration RedHat 1, Configuration RedHat 2, Configuration RedHat 3, Configuration RedHat 4, Configuration CCN 1