PT-2016-6401 · Apache · Apache Http Server

Dominic Scheirlinck · Published 2016-07-18 · Updated 2024-06-15 · CVE-2016-5387

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Apache HTTP Server versions prior to 2.4.25
Apache HTTP Server versions prior to 2.2.32

Description
The issue allows remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted "Proxy:" header in an HTTP request. The cause is untrusted client data ending up in the HTTP_PROXY environment variable: the CGI convention maps every request header to an HTTP_-prefixed meta-variable, so a client-supplied "Proxy:" header becomes HTTP_PROXY, a well-established variable that HTTP client libraries read to find their outbound proxy.

Recommendations
For Apache HTTP Server versions prior to 2.4.25, update to version 2.4.25 or later. For Apache HTTP Server versions prior to 2.2.32, update to version 2.2.32 or later. As a temporary workaround, prevent the HTTP_PROXY variable from being populated from a "Proxy:" header in the httpd CGI environment.
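The header-to-environment mapping the description refers to, shown as an added Python example (not httpd code): a naive CGI environment builder turns a client's "Proxy:" header into HTTP_PROXY, while a hardened builder drops that header before the environment is assembled. The header names and the proxy address are constructed sample data.

```python
# Added example: RFC 3875 style CGI meta-variable construction and the
# "drop the Proxy header" workaround from the advisory. Not httpd's own code.

def cgi_meta_variable(header_name: str) -> str:
    """CGI mapping: uppercase, '-' becomes '_', prefixed with HTTP_."""
    return "HTTP_" + header_name.upper().replace("-", "_")


def build_cgi_env_naive(headers):
    """Vulnerable behaviour: every request header becomes a meta-variable,
    so a client-supplied Proxy header lands in HTTP_PROXY."""
    return {cgi_meta_variable(name): value for name, value in headers}


def build_cgi_env_hardened(headers, blocked=("proxy",)):
    """Workaround from the advisory: refuse to map the Proxy header at all,
    so nothing the client sends can populate HTTP_PROXY."""
    return {
        cgi_meta_variable(name): value
        for name, value in headers
        if name.lower() not in blocked
    }


def effective_proxy(env):
    """What a typical HTTP client library does: honour HTTP_PROXY (or its
    lowercase form) from the process environment when making outbound requests."""
    return env.get("HTTP_PROXY") or env.get("http_proxy")


def request_sets_proxy(headers):
    """Detection helper for access logging or a WAF rule: flags any request
    carrying a Proxy header, which browsers and legitimate clients never send."""
    return any(name.lower() == "proxy" for name, _ in headers)


# Constructed sample request; 203.0.113.0/24 is a documentation address range.
SAMPLE_HEADERS = [
    ("Host", "app.example"),
    ("User-Agent", "constructed-sample/1.0"),
    ("Proxy", "http://203.0.113.10:8080"),
]

if __name__ == "__main__":
    print("naive    ->", effective_proxy(build_cgi_env_naive(SAMPLE_HEADERS)))
    print("hardened ->", effective_proxy(build_cgi_env_hardened(SAMPLE_HEADERS)))
    print("flagged  ->", request_sets_proxy(SAMPLE_HEADERS))
```

In httpd itself the equivalent of build_cgi_env_hardened is the mod_headers directive `RequestHeader unset Proxy early`, which strips the header before the CGI environment is built; upgrading to the fixed versions removes the need for it.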


Related Identifiers

ALT-PU-2017-1655
CESA-2016_1421
CESA-2016_1422
CVE-2016-5387
DLA-553-1
DSA-3623-1
MGASA-2016-0262
MGASA-2017-0146
OPENSUSE-SU-2024:10623-1
RHSA-2016:1420
RHSA-2016:1421
RHSA-2016:1422
RHSA-2016:1635
RHSA-2016:1636
RHSA-2016:1648
RHSA-2016:1649
RHSA-2016:1851
RHSA-2016_1421
RHSA-2016_1422
SUSE-SU-2016:1818-1
SUSE-SU-2016:1819-1
SUSE-SU-2016:2090-1
SUSE-SU-2016_1818-1
SUSE-SU-2016_1819-1
SUSE-SU-2016_2090-1
USN-3038-1

Affected Products

Alt Linux
Apache Http Server
Centos
Red Hat
Suse
Ubuntu