#VU26355 Inconsistent interpretation of HTTP requests in Twisted Web


Published: 2020-03-24

Vulnerability identifier: #VU26355

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-10108

CWE-ID: CWE-444

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Twisted Web
Server applications / Web servers

Vendor: Twisted Matrix Labs

Description

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to an error when processing two Content-Length headers sent within one HTTP request, which causes the request body to be interpreted as a pipelined request. A remote attacker can send a specially crafted HTTP request to the affected web server and poison the HTTP cache or perform other attacks against the web application.

Mitigation
Install updates from vendor's website.
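
The repeated Content-Length condition described above can also be rejected by a check that runs before a request is parsed further or forwarded. This is an added example, not Twisted's code or the vendor's fix; it also rejects comma lists and malformed values, and the names `content_length`, `is_ambiguous`, `AmbiguousFraming` and the sample requests are constructed for illustration.

```python
import re


class AmbiguousFraming(ValueError):
    """The body length of the request cannot be determined safely."""


def content_length(head: bytes) -> int:
    """Return the declared body length for a raw request head, 0 if none.

    `head` is the request line plus header lines; anything after the first
    blank line is ignored. Raises AmbiguousFraming instead of picking one of
    several candidate lengths.
    """
    lines = head.split(b"\r\n\r\n", 1)[0].split(b"\r\n")[1:]  # skip request line
    values = []
    for line in lines:
        if line[:1] in (b" ", b"\t"):
            raise AmbiguousFraming("obsolete line folding")
        name, sep, value = line.partition(b":")
        if not sep or name != name.strip():
            # no colon, or whitespace around the field name
            raise AmbiguousFraming("malformed header line")
        if name.lower() == b"content-length":
            values.append(value.strip(b" \t"))
    if not values:
        return 0
    if len(values) > 1:
        raise AmbiguousFraming("repeated Content-Length header")
    if not re.fullmatch(rb"[0-9]+", values[0]):
        # catches "5, 5", "+5", "0x10" and empty values
        raise AmbiguousFraming("invalid Content-Length value")
    return int(values[0])


def is_ambiguous(head: bytes) -> bool:
    """True when the request should be answered with 400 and the connection closed."""
    try:
        content_length(head)
    except AmbiguousFraming:
        return True
    return False


# Constructed sample requests (not taken from the advisory).
GOOD = b"POST /form HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"
DUPLICATE = (b"POST /form HTTP/1.1\r\nHost: example.test\r\n"
             b"Content-Length: 5\r\nContent-Length: 0\r\n\r\nhello")
```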

Vulnerable software versions

Twisted Web: 8.0.0 - 19.10.0


External links
http://know.bishopfox.com/advisories
http://know.bishopfox.com/advisories/twisted-version-19.10.0


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

