Resolution for CVE-2015-3183 CVE-2015-3185.

Solution Unverified - Updated -

Issue

  • httpd: HTTP request smuggling attack against chunked request parser. (CVE-2015-3183)
  • httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4. (CVE-2015-3185)

Environment

  • Red Hat Enterprise Linux 5, 6 and 7
  • Red Hat Software Collections 1 for RHEL 7 (RHSCL)
  • Red Hat Software Collections 1 for RHEL 6 (RHSCL)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In