Arch LinuxASA-201607-9

HistoryJul 21, 2016 - 12:00 a.m.

drupal: proxy injection

2016-07-2100:00:00

Arch Linux

lists.archlinux.org

EPSS

0.928

Percentile

99.1%

JSON

Drupal 8 uses the third-party PHP library Guzzle for making server-side
HTTP requests. An attacker can provide a proxy server that Guzzle will
use. This vulnerability is called ‘httpoxy’. httpoxy is a set of
vulnerabilities that affect application code running in CGI, or CGI-like
environments. It comes down to a simple namespace conflict:

RFC 3875 (CGI) puts the HTTP Proxy header from a request into the
environment variables as HTTP_PROXY HTTP_PROXY is a popular environment
variable used to configure an outgoing proxy This leads to a remotely
exploitable vulnerability. If you’re running PHP or CGI, you should
block the Proxy header now.

OSVersionArchitecturePackageVersionFilename
anyanyanydrupal< 8.1.7-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
any	any	any	drupal	< 8.1.7-1	UNKNOWN

References

access.redhat.com/security/cve/CVE-2016-5385

bugzilla.redhat.com/show_bug.cgi?id=1353794

httpoxy.org/

www.drupal.org/SA-CORE-2016-003

fedora

[SECURITY] Fedora 23 Update: php-guzzlehttp-guzzle-5.3.1-1.fc23

2016-07-29 02:55:03

[SECURITY] Fedora 23 Update: php-guzzlehttp-guzzle6-6.2.1-1.fc23

2016-07-29 02:55:08

[SECURITY] Fedora 24 Update: php-guzzlehttp-guzzle6-6.2.1-1.fc24

2016-07-29 00:00:06

redhatcve

CVE-2016-5385

2016-07-18 14:19:09

friendsofphp

HTTP Proxy header vulnerability

2018-02-12 19:47:17

HTTP Proxy header vulnerability

2018-02-12 19:47:17

HTTP Proxy header vulnerability

2015-07-15 17:14:23

oraclelinux

php security update

2016-08-11 00:00:00

php security and bug fix update

2016-08-11 00:00:00

php security and bug fix update

2016-11-09 00:00:00

nessus

RHEL 7 : php (RHSA-2016:1613) (httpoxy)

2016-08-12 00:00:00

Fedora 24 : php-guzzlehttp-guzzle (2016-aef8a45afe) (httpoxy)

2016-07-29 00:00:00

Fedora 24 : php-guzzlehttp-guzzle6 (2016-4e7db3d437) (httpoxy)

2016-07-29 00:00:00

openvas

RedHat Update for php RHSA-2016:1613-01

2016-08-12 00:00:00

Fedora Update for php FEDORA-2016-8eb11666aa

2016-08-04 00:00:00

RedHat Update for php RHSA-2016:1609-01

2016-08-12 00:00:00

nvd

CVE-2016-5385

2016-07-19 02:00:17

CVE-2016-1000100

2016-10-06 14:59:17

github

HTTP Proxy header vulnerability

2022-04-07 13:59:22

centos

php security update

2016-08-12 11:27:56

php security update

2016-08-11 21:20:11

typo3

Environment Variable Injection in extension "AWS SDK for PHP" (aws_sdk_php)

2018-08-09 00:00:00

Environment Variable Injection in extension "Amazon Web Services SDK " (aws_sdk)

2018-08-09 00:00:00

Environment Variable Injection

2016-07-19 00:00:00

prion

Design/Logic Flaw

2016-07-19 02:00:00

Design/Logic Flaw

2016-10-06 14:59:00

redhat

(RHSA-2016:1612) Moderate: rh-php56-php security update

2016-08-11 19:53:18

(RHSA-2016:1611) Moderate: php55-php security update

2016-08-11 19:52:52

(RHSA-2016:1609) Moderate: php security update

2016-08-11 19:51:34

K73071205 : PHP vulnerability CVE-2016-5385

2016-07-26 00:00:00

debiancve

CVE-2016-5385

2016-07-19 02:00:00

cvelist

CVE-2016-5385

2016-07-19 01:00:00

cve

CVE-2016-5385

2016-07-19 02:00:17

CVE-2016-1000100

2016-10-06 14:59:17

osv

platformsh-cli-3.67.2-1.2 on GA media

2024-06-15 00:00:00

HTTP Proxy header vulnerability

2022-04-07 13:59:22

php5 - security update

2016-12-16 00:00:00

ubuntucve

CVE-2016-5385

2016-07-18 00:00:00

ibm

Security Bulletin: A vulnerability in PHP affects PowerKVM (CVE-2016-5385)

2018-06-18 01:33:23

Security Bulletin: Multiple vulnerabilities affecting web servers that run code in a CGI or CGI-like context affects IBM API Connect (CVE-2016-5385, CVE-2016-1000105)

2018-06-15 07:06:31

Security Bulletin: IBM QRadar SIEM is vulnerable to various CGI vulnerabilities. (CVE-2016-5385, CVE-2016-5387, CVE-2016-5388)

2018-06-16 21:48:14

gitlab

HTTP Proxy header vulnerability

2016-07-18 00:00:00

veracode

Open Redirection

2019-01-15 09:12:46

slackware

[slackware-security] php

2016-07-21 23:38:17

cloudfoundry

Multiple CVEs: httpoxy | Cloud Foundry

2016-12-21 00:00:00

USN-3045-1 PHP vulnerabilities | Cloud Foundry

2016-09-09 00:00:00

cert

CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables

2016-07-18 00:00:00

checkpoint_advisories

CGI Namespace Conflict Man-In-The-Middle (httpoxy; CVE-2016-1000109; CVE-2016-1000110; CVE-2016-5385; CVE-2016-5386; CVE-2016-5387; CVE-2016-5388)

2016-07-19 00:00:00

threatpost

CGI Script Vulnerability 'Httpoxy' Allows Man-in-the-Middle Attack

2016-07-18 18:00:46

impervablog

Python and Go Top the Chart of 2019’s Most Popular Hacking Tools

2020-05-27 09:22:21

debian

[SECURITY] [DSA 3631-1] php5 security update

2016-07-26 20:46:29

[SECURITY] [DLA 749-1] php5 security update

2016-12-16 21:48:18

amazon

Medium: php55, php56

2016-08-01 13:30:00

freebsd

php -- multiple vulnerabilities

2016-07-21 00:00:00

ubuntu

PHP vulnerabilities

2016-08-02 00:00:00

gentoo

PHP: Multiple vulnerabilities

2016-11-30 00:00:00

kitploit

Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI

2019-11-05 12:00:00

rosalinux

Advisory ROSA-SA-2021-1950

2021-07-02 17:57:45

oracle

Oracle Critical Patch Update - January 2018

2018-01-16 00:00:00

Oracle Critical Patch Update Advisory - July 2017

2018-03-20 00:00:00

drupal: proxy injection

References

Related