Professional Documents
Culture Documents
HTTP Request Smuggling
HTTP Request Smuggling
HTTP Request Smuggling
Overview:
The HTTP Smuggling technique is performed by sending Featured Articles
multiple specially crafted HTTP requests that cause two RealNetworks RealPlayer
attacked entities to see two different sets of requests, Multi-Rate Audio Code
Execution Vulnerability
allowing the hacker to smuggle a request to one device Mozilla Firefox
without the other device being aware of it. NewIdArray Integer
In web cache poisoning attack, this smuggled request will Overflow Code Execution
Vulnerability
trick the cache server into unintentionally associate a URL to
Microsoft Word RTF File
another URL's page (content), and caching this content for Parsing Stack Buffer
the URL. Overflow Vulnerability
In the web application firewall attack, the smuggled request RealNetworks RealPlayer
Advanced Audio Coding
can be a worm (like Nimda or Code Red) or buffer overflow Code Execution
attack targeting the web server. Vulnerability
Finally, because HTTP Request Smuggling enables the HP-UX Running Threaded
attacker to insert or sneak a request into the flow, it allows Processes Denial of
Service Vulnerability
the attacker to manipulate the web server's HP webOS Contacts
request/response sequencing which can allow for credential Application Execution of
hijacking and other malicious outcomes. Arbitrary Code
Vulnerability
HP-UX Apache-based
Technical Details: Web Server Multiple
HTTP Request Smuggling ("HRS") is a new hacking technique Vulnerabilities
that targets HTTP devices. Indeed, whenever HTTP requests
originating from a client pass through more than one entity
that parses them, there is a good chance that these entities
http://www.securiteam.com/securityreviews/5GP0220G0U.html 2/11/2011
SecuriTeam - HTTP Request Smuggling Page 2 of 4
http://www.securiteam.com/securityreviews/5GP0220G0U.html 2/11/2011
SecuriTeam - HTTP Request Smuggling Page 3 of 4
http://www.securiteam.com/securityreviews/5GP0220G0U.html 2/11/2011
SecuriTeam - HTTP Request Smuggling Page 4 of 4
Name/Nick/Email:
6
Submit Chars Left: 2048 Clean
Feedback Analytics
http://www.securiteam.com/securityreviews/5GP0220G0U.html 2/11/2011