27 Juil 2017
CVE-2016-8743 - CVE Vulnerability
---------------------------------------------------------------------- WARNING - a refinement exists for CVE-2016-8743 : theall/20170425-084430 (delay queue)! Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. (CVSS:0.0) (Last Update:2017-07-27)
Vulnerability Details : ---------------------------------------------------------------------- WARNING - a refinement exists for CVE-2016-8743 : theall/20170425-084430 (delay queue)! Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. Publish Date : 2017-07-27 Last Update Date : 2017-07-27 - CVSS Scores & Vulnerability Types
- Related OVAL Definitions
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability. - Products Affected By CVE-2016-8743
- References For CVE-2016-8743
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-8743There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |