Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2015-3183 | First vendor Publication | 2015-07-20 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 50 % | CWE-20 | Improper Input Validation |
| 50 % | CWE-17 | Code |
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2015-08-20 | IAVM : 2015-A-0199 - Multiple Vulnerabilities in Apple Mac OS X Severity : Category I - VMSKEY : V0061337 |
| 2015-07-23 | IAVM : 2015-A-0174 - Multiple Vulnerabilities in Apache HTTP Server Severity : Category I - VMSKEY : V0061135 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-06-05 | HTTP request smuggling attempt RuleID : 46495 - Revision : 4 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-10-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-2055.nasl - Type : ACT_GATHER_INFO |
| 2016-10-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201610-02.nasl - Type : ACT_GATHER_INFO |
| 2016-05-26 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17251.nasl - Type : ACT_GATHER_INFO |
| 2016-01-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0061.nasl - Type : ACT_GATHER_INFO |
| 2016-01-21 | Name : The application installed on the remote host is affected by multiple vulnerab... File : oracle_secure_global_desktop_jan_2016_cpu.nasl - Type : ACT_GATHER_INFO |
| 2015-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2660.nasl - Type : ACT_GATHER_INFO |
| 2015-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2659.nasl - Type : ACT_GATHER_INFO |
| 2015-11-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1851-1.nasl - Type : ACT_GATHER_INFO |
| 2015-11-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1885-2.nasl - Type : ACT_GATHER_INFO |
| 2015-10-06 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-635.nasl - Type : ACT_GATHER_INFO |
| 2015-09-22 | Name : The remote host is missing a security update for OS X Server. File : macosx_server_5_0_3.nasl - Type : ACT_GATHER_INFO |
| 2015-09-18 | Name : The remote IBM HTTP Server is affected by multiple vulnerabilities. File : websphere_8_5_5_7.nasl - Type : ACT_GATHER_INFO |
| 2015-08-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1667.nasl - Type : ACT_GATHER_INFO |
| 2015-08-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1668.nasl - Type : ACT_GATHER_INFO |
| 2015-08-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1667.nasl - Type : ACT_GATHER_INFO |
| 2015-08-25 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150824_httpd_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
| 2015-08-25 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150824_httpd_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2015-08-25 | Name : The remote application is affected by multiple vulnerabilities. File : securitycenter_apache_2_4_16.nasl - Type : ACT_GATHER_INFO |
| 2015-08-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1668.nasl - Type : ACT_GATHER_INFO |
| 2015-08-25 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1668.nasl - Type : ACT_GATHER_INFO |
| 2015-08-25 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1667.nasl - Type : ACT_GATHER_INFO |
| 2015-08-18 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-579.nasl - Type : ACT_GATHER_INFO |
| 2015-08-18 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-578.nasl - Type : ACT_GATHER_INFO |
| 2015-08-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-006.nasl - Type : ACT_GATHER_INFO |
| 2015-08-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_5.nasl - Type : ACT_GATHER_INFO |
| 2015-08-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3325.nasl - Type : ACT_GATHER_INFO |
| 2015-07-30 | Name : The remote Fedora host is missing a security update. File : fedora_2015-11792.nasl - Type : ACT_GATHER_INFO |
| 2015-07-29 | Name : The remote Debian host is missing a security update. File : debian_DLA-284.nasl - Type : ACT_GATHER_INFO |
| 2015-07-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2686-1.nasl - Type : ACT_GATHER_INFO |
| 2015-07-23 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_4_16.nasl - Type : ACT_GATHER_INFO |
| 2015-07-22 | Name : The remote Fedora host is missing a security update. File : fedora_2015-11689.nasl - Type : ACT_GATHER_INFO |
| 2015-07-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_29083f8e2ca811e586ff14dae9d210b8.nasl - Type : ACT_GATHER_INFO |
| 2015-07-20 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2015-198-01.nasl - Type : ACT_GATHER_INFO |
| 2015-07-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a12494c12af411e586ff14dae9d210b8.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 12:46:55 |
|
| 2024-08-02 12:32:53 |
|
| 2024-08-02 01:09:44 |
|
| 2024-02-02 01:31:55 |
|
| 2024-02-01 12:09:19 |
|
| 2023-12-14 17:28:14 |
|
| 2023-11-07 21:44:40 |
|
| 2023-09-05 12:30:20 |
|
| 2023-09-05 01:09:11 |
|
| 2023-09-02 12:30:17 |
|
| 2023-09-02 01:09:21 |
|
| 2023-08-12 12:33:02 |
|
| 2023-08-12 01:08:49 |
|
| 2023-08-11 12:28:21 |
|
| 2023-08-11 01:09:04 |
|
| 2023-08-06 12:27:32 |
|
| 2023-08-06 01:08:48 |
|
| 2023-08-04 12:27:38 |
|
| 2023-08-04 01:08:52 |
|
| 2023-07-14 12:27:38 |
|
| 2023-07-14 01:08:50 |
|
| 2023-03-29 01:29:21 |
|
| 2023-03-28 12:09:10 |
|
| 2022-10-11 12:24:53 |
|
| 2022-10-11 01:08:58 |
|
| 2021-06-25 01:16:11 |
|
| 2021-06-06 17:23:01 |
|
| 2021-05-05 01:17:47 |
|
| 2021-05-04 12:39:35 |
|
| 2021-04-22 01:48:27 |
|
| 2021-03-30 17:22:49 |
|
| 2020-10-27 21:23:18 |
|
| 2020-10-10 01:12:40 |
|
| 2020-05-23 01:55:33 |
|
| 2020-05-23 00:45:06 |
|
| 2019-08-16 12:03:33 |
|
| 2018-09-25 12:10:45 |
|
| 2018-04-16 01:02:49 |
|
| 2018-01-05 09:23:28 |
|
| 2017-12-09 09:22:20 |
|
| 2017-09-30 05:25:01 |
|
| 2017-09-22 09:24:13 |
|
| 2017-07-22 12:02:55 |
|
| 2017-07-01 09:23:14 |
|
| 2016-12-24 09:24:12 |
|
| 2016-12-08 09:23:42 |
|
| 2016-12-07 21:24:36 |
|
| 2016-12-06 09:24:04 |
|
| 2016-12-03 09:24:12 |
|
| 2016-11-29 00:25:10 |
|
| 2016-10-18 12:04:30 |
|
| 2016-10-15 13:26:01 |
|
| 2016-10-08 13:26:19 |
|
| 2016-09-30 01:05:25 |
|
| 2016-08-23 09:24:54 |
|
| 2016-08-20 09:22:29 |
|
| 2016-08-09 09:24:05 |
|
| 2016-07-22 12:03:27 |
|
| 2016-06-29 00:56:23 |
|
| 2016-05-27 13:27:33 |
|
| 2016-04-27 02:20:01 |
|
| 2016-01-23 13:25:19 |
|
| 2016-01-22 13:25:35 |
|
| 2016-01-22 09:22:25 |
|
| 2015-12-18 13:27:33 |
|
| 2015-11-04 13:24:03 |
|
| 2015-10-23 09:23:50 |
|
| 2015-10-18 17:24:45 |
|
| 2015-10-07 13:24:35 |
|
| 2015-09-23 13:24:11 |
|
| 2015-09-19 13:23:31 |
|
| 2015-09-19 09:23:04 |
|
| 2015-08-27 13:38:46 |
|
| 2015-08-19 13:30:18 |
|
| 2015-08-18 13:35:12 |
|
| 2015-08-18 09:20:06 |
|
| 2015-08-12 13:33:21 |
|
| 2015-07-31 13:29:02 |
|
| 2015-07-24 13:29:49 |
|
| 2015-07-22 05:31:18 |
|
| 2015-07-21 05:24:35 |
|
