ByteOS Network

CVE Vulnerability Details :

CVE-2005-2090

PUBLISHED

More Info Official Page

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-30 Jun, 2005 | 04:00

Updated At-07 Aug, 2024 | 22:15

▼CVE Numbering Authority (CNA)

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html	x_refsource_CONFIRM
http://tomcat.apache.org/security-4.html	x_refsource_CONFIRM
http://secunia.com/advisories/30908	third-party-advisory x_refsource_SECUNIA
http://lists.vmware.com/pipermail/security-announce/2008/000003.html	mailing-list x_refsource_MLIST
http://www.vupen.com/english/advisories/2007/2732	vdb-entry x_refsource_VUPEN
http://www.securityfocus.com/bid/13873	vdb-entry x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1	vendor-advisory x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2007/3087	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/30899	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/29242	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/1979/references	vdb-entry x_refsource_VUPEN
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html	vendor-advisory x_refsource_APPLE
http://www.vupen.com/english/advisories/2008/0065	vdb-entry x_refsource_VUPEN
http://www.securityfocus.com/archive/1/500412/100/0/threaded	mailing-list x_refsource_BUGTRAQ
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html	vendor-advisory x_refsource_SUSE
http://secunia.com/advisories/33668	third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/485938/100/0/threaded	mailing-list x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/500396/100/0/threaded	mailing-list x_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2007-0360.html	vendor-advisory x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/0233	vdb-entry x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499	vdb-entry signature x_refsource_OVAL
http://secunia.com/advisories/28365	third-party-advisory x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm	x_refsource_CONFIRM
http://tomcat.apache.org/security-6.html	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/3386	vdb-entry x_refsource_VUPEN
http://www.securiteam.com/securityreviews/5GP0220G0U.html	x_refsource_MISC
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf	x_refsource_MISC
http://www.redhat.com/support/errata/RHSA-2007-0327.html	vendor-advisory x_refsource_REDHAT
http://secunia.com/advisories/27037	third-party-advisory x_refsource_SECUNIA
http://securitytracker.com/id?1014365	vdb-entry x_refsource_SECTRACK
http://docs.info.apple.com/article.html?artnum=306172	x_refsource_CONFIRM
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	vendor-advisory x_refsource_HP
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	vendor-advisory x_refsource_HP
http://tomcat.apache.org/security-5.html	x_refsource_CONFIRM
http://www.securityfocus.com/bid/25159	vdb-entry x_refsource_BID
http://secunia.com/advisories/26660	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0261.html	vendor-advisory x_refsource_REDHAT
http://seclists.org/lists/bugtraq/2005/Jun/0025.html	mailing-list x_refsource_BUGTRAQ
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx	x_refsource_CONFIRM
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540	x_refsource_CONFIRM
http://secunia.com/advisories/26235	third-party-advisory x_refsource_SECUNIA
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST

Hyperlink: http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://tomcat.apache.org/security-4.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/30908

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.vmware.com/pipermail/security-announce/2008/000003.html

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://www.vupen.com/english/advisories/2007/2732

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.securityfocus.com/bid/13873

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://www.vupen.com/english/advisories/2007/3087

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/30899

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/29242

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2008/1979/references

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://www.vupen.com/english/advisories/2008/0065

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.securityfocus.com/archive/1/500412/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://secunia.com/advisories/33668

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.securityfocus.com/archive/1/485938/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://www.securityfocus.com/archive/1/500396/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0360.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.vupen.com/english/advisories/2009/0233

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://secunia.com/advisories/28365

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm

Resource:

x_refsource_CONFIRM

Hyperlink: http://tomcat.apache.org/security-6.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2007/3386

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.securiteam.com/securityreviews/5GP0220G0U.html

Resource:

x_refsource_MISC

Hyperlink: http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf

Resource:

x_refsource_MISC

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0327.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://secunia.com/advisories/27037

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://securitytracker.com/id?1014365

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://docs.info.apple.com/article.html?artnum=306172

Resource:

x_refsource_CONFIRM

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://tomcat.apache.org/security-5.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/bid/25159

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://secunia.com/advisories/26660

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0261.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://seclists.org/lists/bugtraq/2005/Jun/0025.html

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

Resource:

x_refsource_CONFIRM

Hyperlink: http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/26235

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html	x_refsource_CONFIRM x_transferred
http://tomcat.apache.org/security-4.html	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/30908	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.vmware.com/pipermail/security-announce/2008/000003.html	mailing-list x_refsource_MLIST x_transferred
http://www.vupen.com/english/advisories/2007/2732	vdb-entry x_refsource_VUPEN x_transferred
http://www.securityfocus.com/bid/13873	vdb-entry x_refsource_BID x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://www.vupen.com/english/advisories/2007/3087	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/30899	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/29242	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2008/1979/references	vdb-entry x_refsource_VUPEN x_transferred
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html	vendor-advisory x_refsource_APPLE x_transferred
http://www.vupen.com/english/advisories/2008/0065	vdb-entry x_refsource_VUPEN x_transferred
http://www.securityfocus.com/archive/1/500412/100/0/threaded	mailing-list x_refsource_BUGTRAQ x_transferred
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html	vendor-advisory x_refsource_SUSE x_transferred
http://secunia.com/advisories/33668	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.securityfocus.com/archive/1/485938/100/0/threaded	mailing-list x_refsource_BUGTRAQ x_transferred
http://www.securityfocus.com/archive/1/500396/100/0/threaded	mailing-list x_refsource_BUGTRAQ x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0360.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.vupen.com/english/advisories/2009/0233	vdb-entry x_refsource_VUPEN x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499	vdb-entry signature x_refsource_OVAL x_transferred
http://secunia.com/advisories/28365	third-party-advisory x_refsource_SECUNIA x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm	x_refsource_CONFIRM x_transferred
http://tomcat.apache.org/security-6.html	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2007/3386	vdb-entry x_refsource_VUPEN x_transferred
http://www.securiteam.com/securityreviews/5GP0220G0U.html	x_refsource_MISC x_transferred
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf	x_refsource_MISC x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0327.html	vendor-advisory x_refsource_REDHAT x_transferred
http://secunia.com/advisories/27037	third-party-advisory x_refsource_SECUNIA x_transferred
http://securitytracker.com/id?1014365	vdb-entry x_refsource_SECTRACK x_transferred
http://docs.info.apple.com/article.html?artnum=306172	x_refsource_CONFIRM x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	vendor-advisory x_refsource_HP x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	vendor-advisory x_refsource_HP x_transferred
http://tomcat.apache.org/security-5.html	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/bid/25159	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/26660	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0261.html	vendor-advisory x_refsource_REDHAT x_transferred
http://seclists.org/lists/bugtraq/2005/Jun/0025.html	mailing-list x_refsource_BUGTRAQ x_transferred
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx	x_refsource_CONFIRM x_transferred
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/26235	third-party-advisory x_refsource_SECUNIA x_transferred
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred

Hyperlink: http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://tomcat.apache.org/security-4.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/30908

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.vmware.com/pipermail/security-announce/2008/000003.html

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/2732

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.securityfocus.com/bid/13873

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/3087

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/30899

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/29242

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2008/1979/references

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2008/0065

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.securityfocus.com/archive/1/500412/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://secunia.com/advisories/33668

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.securityfocus.com/archive/1/485938/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://www.securityfocus.com/archive/1/500396/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0360.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2009/0233

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://secunia.com/advisories/28365

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://tomcat.apache.org/security-6.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/3386

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.securiteam.com/securityreviews/5GP0220G0U.html

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0327.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://secunia.com/advisories/27037

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://securitytracker.com/id?1014365

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://docs.info.apple.com/article.html?artnum=306172

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://tomcat.apache.org/security-5.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securityfocus.com/bid/25159

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://secunia.com/advisories/26660

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0261.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://seclists.org/lists/bugtraq/2005/Jun/0025.html

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/26235

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References