Apache – CVE-2005-2088

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to several types of attacks. Also known as CVE-2005-2088.

When acting as an HTTP proxy, remote attackers are allowed to conduct Cache Poisoning and bypass WAFs (Web Application Firewall).
They can also initiate XSS attacks by an HTTP request with both a “Transfer-Encoding: chunked” header and a “Content-Length” header.
That will cause Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request. In other words, he will perform a “HTTP Request Smuggling”.

Recommendation

To fix CVE-2005-2088, upgrade the version of Apache Server being used to 2.0.55.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088

< Return to all Vulnerabilities

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »

Active Directory Hacking

What does Active Directory mean? The Active Directory infrastructure is a critical infrastructure in most organizations, and it forms the backbone of the organization’s computing

Read More »

SQLI to RCE

How to preform SQLI TO RCE? One of the most interesting and important things about any site is the database. So, it’s important to protect

Read More »