The host is installed with Apache HTTP Server 2.2.x or 2.4.x before 2.4.14 and is prone to HTTP request smuggling attack vulnerabilities. The flaws are present in the chunked transfer coding implementation, which does not properly parse chunk headers. Successful exploitation will allow remote attackers to conduct HTTP request smuggling attacks, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.