Monday, October 23, 2006

HTTP Request Smuggling attack

From Prashant Gawade, Palisade Magazine.
"...
HTTP Request Smuggling (HRS) attack is the result of a device failure to properly handle deformed inbound HTTP requests. HRS works by taking benefit of the discrepancies in HTTP request parsing when one or more HTTP devices are in the data flow between the user and the web server. HTTP Request smuggling leads to various attacks like web cache poisoning, session hijacking, cross-site scripting etc.
..."

read more ...

Posted by Jayesh at 11:55 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)