CVE-2016-1000110
First published: Mon Jul 18 2016(Updated: )
Dominic Scheirlinck of VendHQ reports: Many software projects and vendors have implemented support for the “Proxy” request header in their respective CGI implementations and languages by creating the “HTTP_PROXY” environmental variable based on the header value. When this variable is used (in many cases automatically by various HTTP client libraries) any outgoing requests generated in turn from the attackers original request can be redirected to an attacker controlled proxy. This allows attackers to view potentially sensitive information, reply with malformed data, or to hold connections open causing a potential denial of service.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Python Python | >=2.7.0<2.7.13 | |
| Python Python | >=3.3.0<3.3.7 | |
| Python Python | >=3.4.0<3.4.6 | |
| Python Python | >=3.5.0<3.5.3 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Fedoraproject Fedora | =23 | |
| debian/python2.7 | 2.7.18-8+deb11u1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1359175
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1359178
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1359177
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1359179
- https://rhn.redhat.com/errata/RHSA-2016-1627.html
- https://rhn.redhat.com/errata/RHSA-2016-1626.html
- https://rhn.redhat.com/errata/RHSA-2016-1628.html
- https://rhn.redhat.com/errata/RHSA-2016-1630.html
- https://rhn.redhat.com/errata/RHSA-2016-1629.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1357334
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000110
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000110
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K3WFJO3SJQCODKRKU6EQV3ZGHH53YPU/
- https://security-tracker.debian.org/tracker/CVE-2016-1000110
- https://bugs.python.org/issue27568
- https://github.com/python/cpython/commit/436fe5a447abb69e5e5a4f453325c422af02dcaa
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K3WFJO3SJQCODKRKU6EQV3ZGHH53YPU/
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID is CVE-2016-1000110.
What is the severity of CVE-2016-1000110?
The severity of CVE-2016-1000110 is medium.
Which software versions are affected by CVE-2016-1000110?
Python versions 2.7.0 to 2.7.13, 3.3.0 to 3.3.7, 3.4.0 to 3.4.6, and 3.5.0 to 3.5.3 are affected. Debian Linux 8.0, 9.0, and 10.0 are also affected.
How can a remote attacker exploit CVE-2016-1000110?
A remote attacker can exploit CVE-2016-1000110 by redirecting HTTP requests using the HTTP_PROXY variable name in a CGI script.
Is there a fix for CVE-2016-1000110?
Yes, there are fixes available. Python versions 2.7.16-2+deb10u1, 2.7.16-2+deb10u3, and 2.7.18-8+deb11u1 have fixes for this vulnerability.
- collector/redhat-bugzilla
- alias/CVE-2016-1000110
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/event
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- vendor/python
- canonical/python python
- version/python python/2.7.0
- version/python python/3.3.0
- version/python python/3.4.0
- version/python python/3.5.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/23
- package-manager/debian