Monday, March 24, 2008 1:26 PM cmosby

Internet Explorer HTTP Request Smuggling/Splitting Vulnerabilities - Advisories - Secunia


Secunia Advisory:
SA29453

Release Date:
2008-03-24

Critical:
Less critical

Impact:
Security Bypass
Cross Site Scripting

Where:
From remote

Solution Status:
Unpatched

Software:
Microsoft Internet Explorer 7.x

Description:
Stefano Di Paola has reported some vulnerabilities in Internet Explorer, which can be exploited by malicious people to conduct HTTP request smuggling/splitting attacks.

The problem is that it is possible to modify certain headers via "setRequestHeader()", which can be exploited to e.g. inject arbitrary HTTP requests by setting the "Transfer-Encoding" header to "chunked" or to overwrite certain headers (e.g. "Content-Length", "Host", and "Referer").

The vulnerabilities are reported in version 7.0.5730.11. Other versions may also be affected.
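
As an added example (not part of the Secunia advisory or of Internet Explorer's code), the check below shows the kind of filtering a user agent applies before honouring a script's "setRequestHeader()" call: it rejects the headers named above, the other forbidden request-header names of the WHATWG Fetch standard, and values containing CR, LF or NUL. The function names `checkRequestHeader` and `applyHeaders` and the sample calls are constructed for illustration.

```javascript
// Added illustration. Header names a script must not be able to set, following
// the forbidden request-header names of the WHATWG Fetch standard. The list
// includes every header named in the advisory.
const FORBIDDEN = new Set([
  "accept-charset", "accept-encoding", "access-control-request-headers",
  "access-control-request-method", "connection", "content-length", "cookie",
  "cookie2", "date", "dnt", "expect", "host", "keep-alive", "origin",
  "referer", "set-cookie", "te", "trailer", "transfer-encoding", "upgrade",
  "via",
]);
const TOKEN = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/; // RFC 7230 header-name token
const BAD_VALUE = /[\r\n\0]/; // CR, LF or NUL would split or truncate a header

// Returns {ok, reason} for one attempted setRequestHeader(name, value) call.
function checkRequestHeader(name, value) {
  if (typeof name !== "string" || !TOKEN.test(name)) {
    return { ok: false, reason: "invalid header name" };
  }
  const lower = name.toLowerCase();
  if (FORBIDDEN.has(lower) || lower.startsWith("proxy-") || lower.startsWith("sec-")) {
    return { ok: false, reason: "forbidden header name" };
  }
  if (BAD_VALUE.test(String(value))) {
    return { ok: false, reason: "control character in value" };
  }
  return { ok: true, reason: "" };
}

// Hypothetical wrapper (assumption): builds the header map a request would
// carry, dropping every rejected call and recording why it was dropped.
function applyHeaders(calls) {
  const accepted = new Map();
  const rejected = [];
  for (const [name, value] of calls) {
    const verdict = checkRequestHeader(name, value);
    if (verdict.ok) accepted.set(name.toLowerCase(), String(value));
    else rejected.push({ name, reason: verdict.reason });
  }
  return { accepted, rejected };
}

// Constructed sample calls: the four headers named in the advisory, one
// benign header, one value carrying CR/LF, and one malformed name.
const SAMPLE_CALLS = [
  ["Transfer-Encoding", "chunked"], ["Content-Length", "0"],
  ["Host", "other.example"], ["Referer", "http://trusted.example/"],
  ["X-Requested-With", "XMLHttpRequest"],
  ["X-Note", "a\r\nHost: other.example"], ["X Bad", "1"],
];
```

Running `applyHeaders(SAMPLE_CALLS)` leaves only the benign header in the accepted map; the other six calls are listed with the reason each was refused.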

Solution:
Do not browse untrusted websites.

Provided and/or discovered by:
Stefano Di Paola

Original Advisory:
http://www.mindedsecurity.com/MSA01240108.html
http://www.mindedsecurity.com/MSA02240108.html

Source: Internet Explorer HTTP Request Smuggling/Splitting Vulnerabilities - Advisories - Secunia
