Apache HTTP Server HTTP Request Smuggling Vulnerability

Vulnerability

A vulnerability allowing HTTP request smuggling has been identified in Apache HTTP Server versions through 2.4.52. The issue arises because the server fails to properly close inbound connections when errors occur while discarding the request body. This oversight can be exploited to manipulate how requests are processed, potentially leading to cache poisoning or bypassing access controls on proxied servers.

Impact

Exploitation of this vulnerability allows for HTTP request smuggling, which can disrupt the normal processing of requests and responses, potentially leading to cache poisoning or bypassing access controls on proxied servers.

Reproduction

To reproduce this vulnerability, send a chunked HTTP request that exploits the server's request parsing. This can be done by manipulating the request headers to create an invalid or unexpected structure that the server fails to process correctly. The server's response can then be monitored for signs of request splitting, such as desynchronization or incorrect handling of response headers.

Remediation

Users are advised to upgrade to Apache HTTP Server version 2.4.53 or later, where this vulnerability has been fixed.
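The remediation above reduces to a version check across a fleet. The following is an added example, not code from the Apache project or from this advisory; it assumes you have collected `httpd -v` output or `Server` response headers per host, and the host names and banners in it are constructed.

```python
import re

# First fixed release according to the advisory above.
FIXED = (2, 4, 53)

# Matches "Apache/2.4.52" in `httpd -v` output or in a Server response header.
_BANNER = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")


def classify(banner):
    """Return 'affected', 'fixed' or 'unknown' for one version banner."""
    m = _BANNER.search(banner)
    if not m:
        # A bare "Apache" (ServerTokens Prod) carries no version: undecidable.
        return "unknown"
    # Compare numerically: as strings, "2.4.6" would sort after "2.4.53".
    version = tuple(int(part) for part in m.groups())
    return "fixed" if version >= FIXED else "affected"


def triage(inventory):
    """Group hosts by status. inventory maps host name -> banner string."""
    report = {"affected": [], "fixed": [], "unknown": []}
    for host, banner in sorted(inventory.items()):
        report[classify(banner)].append(host)
    return report


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE = {
    "web-01": "Server version: Apache/2.4.52 (Unix)",
    "web-02": "Server: Apache/2.4.53 (Debian)",
    "web-03": "Server: Apache",
    "web-04": "Server version: Apache/2.4.6 (CentOS)",
    "web-06": "Server: Apache/2.4.10",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status:9} {', '.join(hosts) or '-'}")
```

Distribution packages may backport the fix without changing the upstream version string, so treat an "affected" result as a prompt to check the vendor's package changelog rather than as proof.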

Added: May 15, 2026, 11:52 AM
Updated: May 15, 2026, 11:52 AM

Vulnerability Rating

Custom Algorithm
spread: 9.4
impact: 0.6
exploitability: 7.3
remediation: 7.7
relevance: 0.0
threat: 2.1
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.