CVE-2005-2090

Severity

43%

Complexity

86%

Confidentiality

48%

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allow remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request carrying both a "Transfer-Encoding: chunked" header and a Content-Length header. Tomcat frames the body using one header while an intermediary (proxy, cache or WAF) frames it using the other, so the bytes Tomcat treats as the tail of the first request's body are processed by the receiving server as a separate HTTP request, aka "HTTP Request Smuggling." The practical consequence is that a request the intermediary never inspected reaches the application, and a cached response can be bound to the wrong URL.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).
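The desync described above can be reproduced offline with a minimal HTTP/1.1 framer. The following is an added example, not Tomcat code and not taken from the Watchfire paper: it frames the same byte stream under three policies (Content-Length wins, Transfer-Encoding wins, or reject when both are present) and shows that the CL-first and TE-first views disagree on where the first request ends. The host name, paths and the request bytes are constructed for the demonstration.

```python
"""Added example: CL vs TE framing disagreement behind CVE-2005-2090.
Minimal HTTP/1.1 request framer written for illustration; not Tomcat code.
Host names, paths and request bytes below are made up."""
from __future__ import annotations

HEADER_END = b"\r\n\r\n"


def parse_head(head: bytes) -> tuple[str, dict[str, bytes]]:
    """Split the request line from the header block; header names are lower-cased."""
    lines = head.split(b"\r\n")
    headers: dict[str, bytes] = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode("ascii")] = value.strip()
    return lines[0].decode("ascii"), headers


def read_chunked(stream: bytes, pos: int) -> tuple[bytes, int]:
    """Decode a chunked body starting at pos; returns (body, position after it).
    Trailers are not supported: the zero-size chunk must be followed by CRLF."""
    body = b""
    while True:
        eol = stream.index(b"\r\n", pos)
        size = int(stream[pos:eol].split(b";")[0], 16)  # ignore chunk extensions
        pos = eol + 2
        if size == 0:
            if stream[pos:pos + 2] != b"\r\n":
                raise ValueError("chunked body not terminated")
            return body, pos + 2
        body += stream[pos:pos + size]
        pos += size
        if stream[pos:pos + 2] != b"\r\n":
            raise ValueError("malformed chunk")
        pos += 2


def split_requests(stream: bytes, policy: str) -> list[dict]:
    """Frame every request in one TCP stream.

    policy "cl":     body length comes from Content-Length, TE is ignored
    policy "te":     Transfer-Encoding: chunked wins (RFC 7230 section 3.3.3)
    policy "strict": refuse a request that carries both headers
    Two hops that pick different policies see different request boundaries,
    which is what lets the hidden request reach the back end uninspected.
    """
    requests: list[dict] = []
    pos = 0
    while pos < len(stream):
        sep = stream.find(HEADER_END, pos)
        if sep < 0:
            raise ValueError("incomplete request head")
        request_line, headers = parse_head(stream[pos:sep])
        body_start = sep + len(HEADER_END)
        chunked = headers.get("transfer-encoding", b"").lower() == b"chunked"
        has_cl = "content-length" in headers
        if policy == "strict" and chunked and has_cl:
            raise ValueError("ambiguous framing: both Transfer-Encoding and Content-Length")
        if chunked and policy != "cl":
            body, pos = read_chunked(stream, body_start)
        else:
            length = int(headers.get("content-length", b"0"))
            body = stream[body_start:body_start + length]
            pos = body_start + length
        requests.append({"request_line": request_line, "headers": headers, "body": body})
    return requests


def smuggled_stream() -> bytes:
    """Constructed attacker input: one POST whose Content-Length covers a zero
    chunk plus a complete second request hidden after it."""
    hidden = b"GET /admin HTTP/1.1\r\nHost: victim.example\r\n\r\n"
    body = b"0\r\n\r\n" + hidden
    head = (b"POST /search HTTP/1.1\r\n"
            b"Host: victim.example\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n"
            b"Transfer-Encoding: chunked\r\n\r\n")
    return head + body


def benign_chunked_stream() -> bytes:
    """Constructed well-formed chunked request, to exercise the chunk decoder alone."""
    return (b"POST /upload HTTP/1.1\r\nHost: victim.example\r\n"
            b"Transfer-Encoding: chunked\r\n\r\n"
            b"5\r\nhello\r\n0\r\n\r\n")


if __name__ == "__main__":
    for policy in ("cl", "te"):
        reqs = split_requests(smuggled_stream(), policy)
        print(policy, [r["request_line"] for r in reqs])
    try:
        split_requests(smuggled_stream(), "strict")
    except ValueError as exc:
        print("strict:", exc)
```

Under the "cl" policy the stream is a single POST whose body happens to contain a GET; under the "te" policy the same bytes are a POST with an empty body followed by a GET for /admin. A front end framing by Content-Length and a Tomcat framing by Transfer-Encoding therefore disagree, and the second request is never seen by the front end's filters. The "strict" policy is the check a practitioner wants at the edge: refuse, rather than guess, when both headers are present.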

Overview

Type: Apache Software Foundation Tomcat

First reported: 2005-07-05 04:00:00

Last updated: 2019-04-15 16:29:00

Affected Software

Apache Software Foundation Tomcat 4.1.24

Apache Software Foundation Tomcat 5.0.19

References

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx (Broken Link)

http://docs.info.apple.com/article.html?artnum=306172 (Broken Link)

SSRT071447 (Broken Link)

APPLE-SA-2007-07-31 (Mailing List, Third Party Advisory)

SUSE-SR:2008:005 (Third Party Advisory)

[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 (Third Party Advisory)

20050606 A new whitepaper by Watchfire - HTTP Request Smuggling (Mailing List, Third Party Advisory)

26235 (Permissions Required, Third Party Advisory)

26660 (Permissions Required, Third Party Advisory)

27037 (Permissions Required, Third Party Advisory)

28365 (Permissions Required, Third Party Advisory)

29242 (Permissions Required, Third Party Advisory)

30899 (Permissions Required, Third Party Advisory)

30908 (Permissions Required, Third Party Advisory)

33668 (Permissions Required, Third Party Advisory)

1014365 (Third Party Advisory, VDB Entry)

239312 (Broken Link)

http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm (Third Party Advisory)

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540 (Broken Link, Third Party Advisory)

http://tomcat.apache.org/security-4.html (Vendor Advisory)

http://tomcat.apache.org/security-5.html (Vendor Advisory)

http://tomcat.apache.org/security-6.html (Vendor Advisory)

http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html (Third Party Advisory)

RHSA-2007:0327 (Third Party Advisory)

RHSA-2007:0360 (Third Party Advisory)

RHSA-2008:0261 (Third Party Advisory)

http://www.securiteam.com/securityreviews/5GP0220G0U.html (Exploit, Third Party Advisory)

20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 (Third Party Advisory, VDB Entry)

20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Third Party Advisory, VDB Entry)

20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Third Party Advisory, VDB Entry)

13873 (Third Party Advisory, VDB Entry)

25159 (Third Party Advisory, VDB Entry)

ADV-2007-2732 (Permissions Required)

ADV-2007-3087 (Permissions Required)

ADV-2007-3386 (Permissions Required)

ADV-2008-0065 (Permissions Required)

ADV-2008-1979 (Permissions Required)

ADV-2009-0233 (Permissions Required)

http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf (Third Party Advisory)

[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/

[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/

[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/

oval:org.mitre.oval:def:10499 (Third Party Advisory)