HTTP Request Smuggling Tackled By Sun
A latest advisory from Sun states that there is a bug in a number of its server products making them the target of HTTP Request Smuggling attacks. This has increased the chances of web cache poisoning coupled with firewall deception and prevention systems intrusion. Also there is a chance of hijacking of HTTP sessions and cross site scripting attacks.
All this happens in case Sun Java System Proxy Server is used along with Java System Application Server or the Sun Java System Web Server. This problem was brought to notice by Watchfire last year and it's still not clear why it took so long for Sun to take a note of this problem. In order to tackle this problem, Sun has released the latest updates in Sun Java System Application Server, Sun Java System Web Server, Sun Java System Web Proxy Server and Sun ONE Application Server. Click here for the updates.