HTTP Request Smuggling : Content-Length and Transfer-Encoding: chunked fields in header


Description   This evasion technique is based on the fact that the firewall and the web server (or web proxy) won't understand a request in the same way.
This technique is usually used to bypass firewalls and server protections.
     
Default
configuration 		 
Profiles High Medium Low Internet
Action Block Block Block Block
Alarm Level Major Major Minor Major
     
References  
     
Available since   ASQ v3.2.0
     
Protects   Undertow Multiple Vulnerabilities
IBM Maximo Asset Management Multiple Vulnerabilities
Bottle "redirect()" Unescaped CRLF Sequences Vulnerability Fixed by 0.12.11
NodeJS Multiple Vulnerabilities Fixed by 6.7.0, 4.6.0, 0.12.16 and 0.10.47
Cisco EPC 3925 Multiple Vulnerabilities
Red Hat JBoss Enterprise Application Platform Mutilple Vulnerabilities Fixed by 7.0.2
Infoblox Network Automation Multiple Vulnerabilities Fixed by 7.1.1
Python httplib "HTTPConnection.putheader()" HTTP Header Injection Vulnerability
Squid Proxy Cache Multiple Vulnerabilities Fixed by 3.5.18 and 4.0.10
EMC RSA Authentication Manager Multiple Vulnerabilities Fixed by 8.1 SP1 Patch 14
Palo Alto Networks PAN-OS HTTP Request Smuggling Vulnerability Fixed by 7.1.1
Jenkins Multiple Vulnerabilities Fixed by 1.650 and 1.642.2 LTS
NodeJS HTTP Header Multiple Vulnerabilities Fixed by 0.10.42, 0.12.10, 4.3.0 and 5.6.0
H2O HTTP Response Splitting Vulnerability Fixed by v1.6.2
Android Apache Cordova File Transfer Plugin HTTP Header Injection Vulnerability Fixed by 1.3.0
IBM WebSphere Application Server HTTP Response Splitting Vulnerability
Apache mod_negotiation Cross-Site Scripting and HTTP Response Splitting Vulnerabilities
Google Go HTTP Request Smuggling Multiple Vulnerabilities
IBM WebSphere Commerce HTTP Response Splitting Vulnerability
Cisco Web Security Appliance Web Framework HTTP Header Injection Vulnerability
Cisco TelePresence SX20 Carriage Return Line Feed Vulnerability
Apache Tomcat HTTP Request Smuggling Vulnerability Fixed by 6.0.43, 7.0.55 and 8.0.9
Zend Framework HTTP Response Splitting Vulnerability Fixed by 2.3.8 and 2.4.1
Zend Framework Two HTTP Response Splitting Vulnerabilities
F5 Multiple Products Tomcat Chunked Request Handling Vulnerability
IBM Tivoli Netcool System Service Monitor Multiple Vulnerabilities
IBM Rational Directory Administrator Chunked Request Handling Vulnerability
IBM Rational Directory Server Chunked Request Handling Vulnerability
IBM UrbanCode Deploy / UrbanCode Deploy with Patterns Apache Tomcat Chunked Request Handling Vulnerability
IBM Algo Audit and Compliance Apache Tomcat Chunked Request Handling Vulnerability
Magtrb MyNews "basepath" File Inclusion Vulnerabilities
Bugzilla Unauthorized Access and Cross Site Scripting Vulnerabilities
Bugzilla Cross Site Scripting and HTTP Response Splitting Vulnerabilities
Sun Java System Proxy and Web Servers HTTP Request Smuggling Vulnerability
Squid HTTP Request Smuggling
Apache Chunked Transfer-Encoding and Content-Length HTTP Request Smuggling
100 last CVE   CVE-2018-1067
CVE-2017-7559
CVE-2017-2670
CVE-2017-2666
CVE-2017-1292
CVE-2017-1291
CVE-2017-12165
CVE-2016-9964
CVE-2016-7099
CVE-2016-6484
CVE-2016-5699
CVE-2016-5406
CVE-2016-5325
CVE-2016-4993
CVE-2016-4556
CVE-2016-4555
CVE-2016-4554
CVE-2016-4553
CVE-2016-2216
CVE-2016-2086
CVE-2016-1133
CVE-2016-0902
CVE-2016-0901
CVE-2016-0900
CVE-2016-0792
CVE-2016-0791
CVE-2016-0790
CVE-2016-0789
CVE-2016-0788
CVE-2015-5741
CVE-2015-5740
CVE-2015-5739
CVE-2015-5204
CVE-2015-4198
CVE-2015-3154
CVE-2015-2017
CVE-2015-0770
CVE-2015-0289
CVE-2015-0288
CVE-2015-0287
CVE-2015-0209
CVE-2015-0196
CVE-2014-8151
CVE-2014-8150
CVE-2014-0227
CVE-2011-0048
CVE-2011-0046
CVE-2010-4572
CVE-2010-4570
CVE-2010-4569
CVE-2010-4568
CVE-2010-4567
CVE-2010-4411
CVE-2010-4209
CVE-2010-4208
CVE-2010-4207
CVE-2010-3764
CVE-2010-3172
CVE-2010-2761
CVE-2008-0456
CVE-2008-0455
CVE-2006-6276
CVE-2005-2088



 
 
 
 
 Risk level 
Moderate