Remote Code Execution Vulnerability in Sun ONE Web Server 6.1 SP1
CVE-2005-2094

Currently unrated

Key Information:

Vendor

Oracle
Status
One Web Server
Vendor
CVE Published:
5 July 2005

What is CVE-2005-2094?

The Sun ONE Web Server 6.1 SP1 is susceptible to a vulnerability that allows remote attackers to exploit improper handling of HTTP requests. By sending a specially crafted request containing both 'Transfer-Encoding: chunked' and 'Content-Length' headers, an attacker can manipulate the server into processing the request body as a separate HTTP request. This may lead to web cache poisoning, bypassing web application firewall protections, and facilitating cross-site scripting (XSS) attacks, thereby compromising the integrity and security of the affected web application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securitytracker.com/id?1014369
vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/42903
vdb-entryx_refsource_XF
http://www.securiteam.com/securityreviews/5GP0220G0U.html
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.