Description
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.
Affected packages
Platform | Package | Status | Advisory | Release date |
---|---|---|---|---|
Red Hat Enterprise Linux 5 | php | Will not fix | ||
Red Hat Enterprise Linux 5 | php53 | Will not fix | ||
Red Hat Enterprise Linux 6 | php | Fixed | RHSA-2016:1609 | 11.08.2016 |
Red Hat Enterprise Linux 7 | php | Fixed | RHSA-2016:1613 | 11.08.2016 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 | php54-php | Fixed | RHSA-2016:1610 | 11.08.2016 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 | php55-php | Fixed | RHSA-2016:1611 | 11.08.2016 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 | rh-php56-php | Fixed | RHSA-2016:1612 | 11.08.2016 |
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS | php54-php | Fixed | RHSA-2016:1610 | 11.08.2016 |
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS | php55-php | Fixed | RHSA-2016:1611 | 11.08.2016 |
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS | rh-php56-php | Fixed | RHSA-2016:1612 | 11.08.2016 |
Additional information
Status:
CVSS3: 5 Medium
CVSS2: 5 Medium
Related vulnerabilities
ELSA-2016-1613: php security and bug fix update (MODERATE)