FreeBSD : apache -- http request smuggling (651996e0-fe07-11d9-8329-000e0c2e438a)

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

A Watchfire whitepaper reports a vulnerability in the Apache
web server. The vulnerability can be exploited by malicious people
to cause cross-site scripting, web cache poisoning and session
hijacking and, most importantly, to bypass web application firewall
protection. Exploiting this vulnerability requires multiple carefully
crafted HTTP requests that take advantage of a caching server, proxy
server, web application firewall, etc. This only affects installations
where Apache is used as an HTTP proxy in combination with the following
web servers :

- IIS/6.0 and 5.0

- Apache 2.0.45 (as web server)

- Apache 1.3.29

- WebSphere 5.1 and 5.0

- WebLogic 8.1 SP1

- Oracle9iAS web server 9.0.2

- SunONE web server 6.1 SP4

See also :

http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
http://www.nessus.org/u?357f6265

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19346 (freebsd_pkg_651996e0fe0711d98329000e0c2e438a.nasl)

Bugtraq ID: 14106

CVE ID: CVE-2005-2088
