ALAS-2015-578

Related Vulnerabilities: CVE-2015-3183  



Amazon Linux AMI Security Advisory: ALAS-2015-578
Advisory Release Date: 2015-08-17 12:23 Pacific
Advisory Updated Date: 2015-08-17 12:23 Pacific
Severity: Medium
References: CVE-2015-3183 

Issue Overview:

Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.


Affected Packages:

httpd


Issue Correction:
Run yum update httpd to update your system.

New Packages:
i686:
    httpd-devel-2.2.31-1.6.amzn1.i686
    mod_ssl-2.2.31-1.6.amzn1.i686
    httpd-tools-2.2.31-1.6.amzn1.i686
    httpd-debuginfo-2.2.31-1.6.amzn1.i686
    httpd-2.2.31-1.6.amzn1.i686

noarch:
    httpd-manual-2.2.31-1.6.amzn1.noarch

src:
    httpd-2.2.31-1.6.amzn1.src

x86_64:
    httpd-debuginfo-2.2.31-1.6.amzn1.x86_64
    httpd-devel-2.2.31-1.6.amzn1.x86_64
    httpd-tools-2.2.31-1.6.amzn1.x86_64
    mod_ssl-2.2.31-1.6.amzn1.x86_64
    httpd-2.2.31-1.6.amzn1.x86_64
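
To confirm a host has picked up the packages listed above, the following added example (not part of the advisory or of Amazon's tooling) compares installed httpd-family packages against the fixed version-release 2.2.31-1.6.amzn1 using an rpm-style segment comparison. The function names, the input format (name and version-release per line) and the sample inventory are assumptions made for illustration, and the comparison applies only to Amazon Linux AMI builds of these packages.

```python
import re

# Fixed version-release shared by every package in this advisory's list.
FIXED_EVR = "2.2.31-1.6.amzn1"
AFFECTED = {"httpd", "httpd-devel", "httpd-tools", "httpd-debuginfo",
            "httpd-manual", "mod_ssl"}
_SEG = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Segment-wise comparison in the style of rpm (no '~' or '^' handling)."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():      # a numeric segment beats an alphabetic one
            return 1 if x.isdigit() else -1
        if x.isdigit():                     # numbers compare by value: 9 < 31
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Compare two [epoch:]version-release strings; returns -1, 0 or 1."""
    def split(evr):
        epoch, _, rest = evr.rpartition(":")
        version, _, release = rest.partition("-")
        return int(epoch or 0), version, release
    (ea, va, ra), (eb, vb, rb) = split(a), split(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def unpatched(rpm_output):
    """Return (name, evr) for each affected package older than FIXED_EVR."""
    stale = []
    for line in rpm_output.splitlines():
        fields = line.split()
        if len(fields) == 2 and fields[0] in AFFECTED and evr_cmp(fields[1], FIXED_EVR) < 0:
            stale.append((fields[0], fields[1]))
    return stale

# Constructed sample of: rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'
SAMPLE = """\
httpd 2.2.29-1.5.amzn1
mod_ssl 2.2.31-1.6.amzn1
httpd-tools 2.2.9-1.0.amzn1
openssl 1.0.1k-10.86.amzn1
"""

if __name__ == "__main__":
    for name, evr in unpatched(SAMPLE):
        print(f"{name} {evr} is older than {FIXED_EVR}: run 'yum update httpd'")
```

A plain string comparison would rank 2.2.9 above 2.2.31, which is why the version segments are compared numerically.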