CVE-2005-2091 - Vulnerability Details - OpenCVE

IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Websphere Application Server

Configuration 1 [-]

OR	cpe:2.3:a:ibm:websphere_application_server:5.0:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.0:::::::*

No data.

References

Link	Providers
http://seclists.org/lists/bugtraq/2005/Jun/0025.html
http://securitytracker.com/id?1014367
http://www.securiteam.com/securityreviews/5GP0220G0U.html
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42898

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-06-30T04:00:00

Updated: 2024-08-07T22:15:37.430Z

Reserved: 2005-06-30T00:00:00

Link: CVE-2005-2091

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2005-07-05T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2005-2091

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-06-06T00:00:00", "descriptions": [{"lang": "en", "value": "IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf"}, {"name": "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html"}, {"name": "1014367", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014367"}, {"name": "ibm-websphere-hrs(42898)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42898"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2091", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.securiteam.com/securityreviews/5GP0220G0U.html", "refsource": "MISC", "url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html"}, {"name": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf", "refsource": "MISC", "url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf"}, {"name": "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling", "refsource": "BUGTRAQ", "url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html"}, {"name": "1014367", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014367"}, {"name": "ibm-websphere-hrs(42898)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42898"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:15:37.430Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf"}, {"name": "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html"}, {"name": "1014367", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1014367"}, {"name": "ibm-websphere-hrs(42898)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42898"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2091", "datePublished": "2005-06-30T04:00:00", "dateReserved": "2005-06-30T00:00:00", "dateUpdated": "2024-08-07T22:15:37.430Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1F4DC6FE-BBB4-45AA-8A5F-F204E798DF07", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "66DB2053-6DFD-4FF6-A6E9-444281531E24", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\""}], "id": "CVE-2005-2091", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-07-05T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014367"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html"}, {"source": "cve@mitre.org", "url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42898"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014367"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42898"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}