HTTP request smuggling

“HTTP Request Smuggling (“HRS”) is a new hacking technique that targets HTTP devices. Indeed, whenever HTTP requests originating from a client pass through more than one entity that parses them, there is a good chance that these entities are vulnerable to HRS.
HRS sends multiple, specially crafted HTTP requests that cause the two attacked devices to see differen sets of requests, allowing the hacker to smuggle a request to one device without the other device being aware of it.”

Click

Advertisements

~ by Balle on July 7, 2007.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: