Table of Contents

Public Date:
1617682: CVE-2005-2088 security flaw

The MITRE CVE dictionary describes this issue as:

The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

Find out more about CVE-2005-2088 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (httpd) RHSA-2005:582 2005-07-25
Red Hat Enterprise Linux 4 (httpd) RHSA-2005:582 2005-07-25
Last Modified

CVE description copyright © 2017, The MITRE Corporation