Re: svn commit: r392230 - in /httpd/site/trunk: docs/security/vulnerabilities_13.html xdocs/security/vulnerabilities-httpd.xml

[Mark J Cox]

> 1.3 was UNAFFECTED 

Yes, indeed it was me that insisted that this didn't affect 1.3, I'll
revert it :)

Cheers, Mark

Re: svn commit: r392230 - in /httpd/site/trunk: docs/security/vulnerabilities_13.html xdocs/security/vulnerabilities-httpd.xml

[William A. Rowe, Jr.]

WHY?

1.3 was UNAFFECTED by the original report, because chunking is NOT SUPPORTED.

The only reason I insisted on fixing it is that there were other similar
issues w.r.t. other handlers.  I thought you were the one who insisted
that my patch didn't address -2088?

It'

Bill

[EMAIL PROTECTED] wrote:

Author: mjc
Date: Fri Apr  7 02:39:36 2006
New Revision: 392230

URL: http://svn.apache.org/viewcvs?rev=392230&view=rev
Log:
From: Mike O'Connor 
Subject: Apacheweek security minor addition, I think


I think http://httpd.apache.org/security/vulnerabilities_13.html
should probably note that CAN-2005-2088 is (at least partially and
maybe completely) addressed in 1.3.34.


Modified:
httpd/site/trunk/docs/security/vulnerabilities_13.html
httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml

Modified: httpd/site/trunk/docs/security/vulnerabilities_13.html
URL: 
http://svn.apache.org/viewcvs/httpd/site/trunk/docs/security/vulnerabilities_13.html?rev=392230&r1=392229&r2=392230&view=diff
==
--- httpd/site/trunk/docs/security/vulnerabilities_13.html (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_13.html Fri Apr  7 02:39:36 
2006
@@ -112,6 +112,42 @@

  
   
+   Fixed in Apache httpd 1.3.34
+  
+ 
+ 
+  
+
+
+moderate: 
+
+HTTP Request Spoofing
+
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088";>CVE-2005-2088
+
+A flaw occured when using the Apache server as a HTTP proxy. A remote
+attacker could send a HTTP request with both a "Transfer-Encoding:
+chunked" header and a Content-Length header, causing Apache to
+incorrectly handle and forward the body of the request in a way that
+causes the receiving server to process it as a separate HTTP request.
+This could allow the bypass of web application firewall protection or
+lead to cross-site scripting (XSS) attacks.
+
+
+
+  Update Released: 18th October 2005
+
+
+  Affects: 
+1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, 1.3.0

+
+
+  
+ 
+
+   
+ 
+  
Fixed in Apache httpd 1.3.33
   
  

Modified: httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
URL: 
http://svn.apache.org/viewcvs/httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml?rev=392230&r1=392229&r2=392230&view=diff
==
--- httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml (original)
+++ httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml Fri Apr  7 
02:39:36 2006
@@ -253,6 +253,45 @@
 
 
 
+

+
+moderate
+HTTP Request Spoofing
+
+
+A flaw occured when using the Apache server as a HTTP proxy. A remote
+attacker could send a HTTP request with both a "Transfer-Encoding:
+chunked" header and a Content-Length header, causing Apache to
+incorrectly handle and forward the body of the request in a way that
+causes the receiving server to process it as a separate HTTP request.
+This could allow the bypass of web application firewall protection or
+lead to cross-site scripting (XSS) attacks.
+
+
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+
+
 
 
 moderate