Endpoint Vulnerability

Apache Httpd - low:HTTP request smuggling attack against chunked request parser(CVE-2015-3183)

Description

An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.

Affected Products

Apache Httpd

References

CVE-2015-3183,