Think you have a false positive on this rule?

Sid 1-46495


SERVER-OTHER HTTP request smuggling attempt


This event is generated when an Apache HTTP Smuggling formatted request is detected


Misc Attack


CVSS base score 5.0

CVSS impact score 2.9

CVSS exploitability score 10.0

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Detailed information

CVE-2015-3183: The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.

Affected systems

  • apache http_server 2.4.13

Ease of attack


Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

False negatives

Corrective action


  • Cisco's Talos Intelligence Group

Additional References