Apache – CVE-2005-2088

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to several types of attacks. Also known as CVE-2005-2088.

When acting as an HTTP proxy, remote attackers are allowed to conduct Cache Poisoning and bypass WAFs (Web Application Firewall).
They can also initiate XSS attacks by an HTTP request with both a “Transfer-Encoding: chunked” header and a “Content-Length” header.
That will cause Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request. In other words, he will perform a “HTTP Request Smuggling”.

Recommendation

To fix CVE-2005-2088, upgrade the version of Apache Server being used to 2.0.55.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088

< Return to all Vulnerabilities

What is a CWE ?

Similar to the article written on CVEs, in this article we will answer the questions :What is CWE ? and, what is the difference between

Read More »

Using VPN

What is a VPN? Why should someone be using VPN? Which Problems does is solve? and what is the advantages and disadvantages of it? Let’s

Read More »

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

Read More »

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »