CVE-2005-2090 — Tomcat Vulnerable to Web Cache Poisoning

Description

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

How to fix CVE-2005-2090

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

—no fix listed

Is CVE-2005-2090 being exploited?

Likely — EPSS is 71.4%, placing CVE-2005-2090 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.

Affected packages (1)

>= 5.0.0, <= 5.0.19

References (34)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2005-2090
WEBcommunity.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
WEBdocs.info.apple.com/article.html?artnum=306172
WEBlists.apple.com/archives/security-announce//2007/Jul/msg00004.html