DeleGate Proxy Lets Remote Users Conduct HTTP Request Smuggling Attacks
|
|
SecurityTracker Alert ID: 1014359
|
|
SecurityTracker URL: http://securitytracker.com/id?1014359
|
|
CVE Reference: GENERIC-MAP-NOMATCH
|
Date: Jul 2 2005
|
Impact: Modification of authentication information
|
Exploit Included: Yes
|
Version(s): 8.9.2
|
Description: A vulnerability was reported in DeleGate. A remote user may be able to conduct HTTP request smuggling attacks.
A remote user can submit several specially crafted requests with various 'Content-Length' headers to cause the proxy server to process the requests based on a Content-Length assumption but forward the requests with a different Content-Length HTTP header value intact.
As a result, a malicious request may be passed through the proxy and processed by the subsequent application (such as an application server or a proxied system).
Networks that use DeleGate in conjunction with IIS, Tomcat, or the Sun ONE web server are affected.
Other configurations may also be affected.
This vulnerability was reported by Watchfire.
A description of HTTP request smuggling attacks is available at:
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
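A defensive check for the condition described above, as an added example that is not part of the original advisory or of DeleGate's code: it classifies the Content-Length framing of a raw request head so that a front end can reject any request whose length two parsers could read differently. The function name, verdict strings and sample requests are constructed for illustration.

```python
import re

# Strict decimal digits only: no sign, no whitespace, no hex.
_DIGITS = re.compile(r"[0-9]+")


def content_length_verdict(raw_head: bytes):
    """Classify the Content-Length framing of one raw HTTP request head.

    Returns (verdict, length); verdict is 'none', 'ok', 'invalid' or 'conflict'.
    """
    head = raw_head.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    values = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "content-length":
            continue
        # One header line may itself carry a comma-separated list of values.
        values.extend(v.strip() for v in value.split(","))
    if not values:
        return ("none", None)
    if not all(_DIGITS.fullmatch(v) for v in values):
        return ("invalid", None)
    lengths = {int(v) for v in values}
    if len(lengths) > 1:
        # The proxy and the server behind it may each honour a different value.
        return ("conflict", None)
    return ("ok", lengths.pop())


# Constructed sample request heads (hypothetical, not taken from the advisory).
SAMPLES = {
    "single": b"POST /a HTTP/1.1\r\nHost: example.test\r\n"
              b"Content-Length: 5\r\n\r\nhello",
    "conflict": b"POST /a HTTP/1.1\r\nHost: example.test\r\n"
                b"Content-Length: 0\r\nContent-Length: 44\r\n\r\n",
    "list": b"POST /a HTTP/1.1\r\nHost: example.test\r\n"
            b"content-length: 5, 7\r\n\r\n",
    "signed": b"POST /a HTTP/1.1\r\nHost: example.test\r\n"
              b"Content-Length: +5\r\n\r\nhello",
    "no_body": b"GET /a HTTP/1.1\r\nHost: example.test\r\n\r\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, content_length_verdict(raw))
```

Only an 'ok' or 'none' verdict should be forwarded; 'invalid' and 'conflict' requests are best answered with a 400 and the connection closed.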
|
Impact: A remote user may be able to poison the proxy cache or cause an application server to incorrectly process the connection.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.delegate.org/delegate/
|
Cause: State error
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Sat, 2 Jul 2005 01:41:41 -0400
Subject: http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
|
> DeleGate 8.9.2
|
|