CWE Individual Dictionary Definition (CWE List version 1.0.1)

CWE-444: Inconsistent Interpretation of HTTP Requests (aka 'HTTP Request Smuggling')

Status: Incomplete
Weakness ID: 444 (Weakness Base)
Description
Summary

When malformed or abnormal HTTP requests are interpreted by one or more entities in the data flow between the user and the web server, such as a proxy or firewall, they can be interpreted inconsistently, allowing the attacker to "smuggle" a request to one device without the other device being aware of it.

Potential Mitigations

Use a web server that employs a strict HTTP parsing procedure, such as Apache (see the paper listed under References).

Use only SSL communication.

Terminate the client session after each request.

Turn all pages to non-cacheable.
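A strict request-framing check in the spirit of the "strict HTTP parsing procedure" mitigation above, written as an added example for this page (it is not CWE content or any server's code): it refuses any request whose body length two parsers might read differently, including the Transfer-Encoding/Content-Length conflict named in the Observed Examples. The function names, the `AmbiguousRequest` exception and the exact rejection rules are assumptions of this example.

```python
import re

# Token characters permitted in a header field name (RFC 7230 tchar).
TOKEN_RE = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


class AmbiguousRequest(ValueError):
    """Raised when the request framing could be read in more than one way."""


def parse_headers(raw: bytes) -> dict:
    """Parse the header block of a raw HTTP/1.1 request, rejecting anything
    that lenient intermediaries are known to frame differently."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise AmbiguousRequest("no CRLFCRLF terminating the header block")
    lines = head.split(b"\r\n")
    if any(b"\n" in line for line in lines):
        raise AmbiguousRequest("bare LF inside the header block")
    headers = {}
    for line in lines[1:]:  # lines[0] is the request line
        if line[:1] in (b" ", b"\t"):
            raise AmbiguousRequest("obsolete line folding")
        name, colon, value = line.partition(b":")
        # A space before the colon, or any non-token byte, makes the name
        # invisible to some parsers and visible to others.
        if not colon or not TOKEN_RE.match(name.decode("latin-1")):
            raise AmbiguousRequest("malformed header name: %r" % line)
        key = name.decode("latin-1").lower()
        headers.setdefault(key, []).append(value.strip().decode("latin-1"))
    return headers


def body_framing(raw: bytes) -> str:
    """Return the single way the body is delimited, or raise AmbiguousRequest."""
    headers = parse_headers(raw)
    te = headers.get("transfer-encoding", [])
    cl = headers.get("content-length", [])
    if te and cl:
        raise AmbiguousRequest("both Transfer-Encoding and Content-Length present")
    if te:
        codings = [c.strip().lower() for c in ",".join(te).split(",")]
        if codings != ["chunked"]:  # e.g. "xchunked" or a multi-coding list
            raise AmbiguousRequest("unsupported Transfer-Encoding: %r" % te)
        return "chunked"
    if cl:
        if len(cl) != 1 or not re.fullmatch(r"[0-9]+", cl[0]):
            raise AmbiguousRequest("duplicate or non-numeric Content-Length: %r" % cl)
        return "content-length:%s" % cl[0]
    return "no-body"


def is_ambiguous(raw: bytes) -> bool:
    """Convenience wrapper: True if body_framing() rejects the request."""
    try:
        body_framing(raw)
    except AmbiguousRequest:
        return True
    return False
```

A front-end proxy that applies this check and returns 400 for every rejected request never forwards a frame that its back end could delimit differently.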

Observed Examples
Reference | Description
(missing) | Web servers allow request smuggling via inconsistent Transfer-Encoding and Content-Length headers.
(missing) | Web servers allow request smuggling via inconsistent Transfer-Encoding and Content-Length headers.
(missing) | Web servers allow request smuggling via inconsistent Transfer-Encoding and Content-Length headers.
(missing) | Web servers allow request smuggling via inconsistent Transfer-Encoding and Content-Length headers.
(missing) | Web servers allow request smuggling via inconsistent Transfer-Encoding and Content-Length headers.
(missing) | Web servers allow request smuggling via inconsistent Transfer-Encoding and Content-Length headers.
(missing) | Web servers allow request smuggling via inconsistent Transfer-Encoding and Content-Length headers.
Other Notes

Request smuggling is a multiple-interpretation error in which the target is an intermediary or monitor and the trigger is a consistency manipulation of the message framing (conflicting Transfer-Encoding and Content-Length headers).

It can also be resultant from CRLF injection.

References
Chaim Linhart, Amit Klein, Ronen Heled and Steve Orrin. "HTTP Request Smuggling". <http://www.cgisecurity.com/lib/HTTP-Request-Smuggling.pdf>.
Relationships
Nature | Type | ID | Name | View(s) this relationship pertains to
ChildOf | Weakness Base | 436 | Interpretation Conflict | Research Concepts (primary) 1000
ChildOf | Category | 442 | Web Problems | Development Concepts (primary) 699
Taxonomy Mappings
Mapped Taxonomy Name | Mapped Node Name
PLOVER | HTTP Request Smuggling
Applicable Platforms
Languages
All
Time of Introduction
* Architecture and Design
* Implementation
Related Attack Patterns
CAPEC-ID (CAPEC Version 1.1) | Attack Pattern Name
33 | HTTP Request Smuggling
Content History
Submissions
PLOVER. (Externally Mined)
Modifications
Eric Dalci. Cigital. 2008-07-01. (External)
updated Potential_Mitigations, Time_of_Introduction
CWE Content Team. MITRE. 2008-09-08. (Internal)
updated Name, Relationships, Other_Notes, Taxonomy_Mappings
Previous Entry Names
* HTTP Request Smuggling (changed 2008-04-11)
* Interpretation Conflict in Web Traffic (aka 'HTTP Request Smuggling') (changed 2008-09-09)
Page Last Updated: October 16, 2008