Potential Security Vulnerability with Apache 2.15 and earlier

  • 3222109
  • 21-Nov-2006
  • 27-Apr-2012


NetWare 6.5
SuSe Linux Enterprise Server 9


Potential Security Vulnerability with Apache 2.15 and earlier
Apache is prone to an HTTP request smuggling attack.


The NetWare fix for this problem should be included in the NetWare 6.5 Support Pack 6 build when it becomes available.

On SLES 9 More information about the fix may be found at:


Additional Information

Here is the text from the security vulnerability: A specially crafted request with a 'Transfer-Encoding: chunked' header and a'Content-Length' can cause the server to forward a reassembled request with the original 'Content-Length' header. Due to this, the malicious request may piggyback with the valid HTTP request.

It is possible that this attack may result in cache poisoning, cross-site scripting, session hijacking and other attacks.

This issue was originally described in CAN-2005-2088 (Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities). Due to the availability of more details and vendor confirmation, it is being assigned a new BID.
Note this defect has been resolved in an upcoming release of Apache for NetWare. Further information about this defect indicates the following:

The Apache Project has already submitted a fix for this issue that will be released in version 2.0.55 of the httpd web server. The ASF's policy toward vulnerabilities is that they try to patch and release an update even before the vulnerability has been announced. The fact that a patch as been committed to the 2.0.55-dev code base and the ASF seems to not be in a hurry to release 2.0.55, indicates that this vulnerability is very minor.

Formerly known as TID# 10098469