CVE-2016-1000110
CGIHandler: sets environmental variable based on user supplied Proxy request header
Severity Score
6.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.
La clase CGIHandler en Python versiones anteriores a la versión 2.7.12, no protege contra el conflicto de nombre de la variable HTTP_PROXY en un script CGI, lo que podría permitir a un atacante remoto redireccionar las peticiones HTTP.
It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-07-18 CVE Reserved
- 2016-08-21 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000110 | Issue Tracking | |
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000110 | Issue Tracking | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K3WFJO3SJQCODKRKU6EQV3ZGHH53YPU | X_refsource_misc | |
https://security-tracker.debian.org/tracker/CVE-2016-1000110 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html | 2023-11-07 | |
https://access.redhat.com/security/cve/CVE-2016-1000110 | 2016-08-18 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1357334 | 2016-08-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Python Search vendor "Python" | Python Search vendor "Python" for product "Python" | >= 2.7.0 < 2.7.13 Search vendor "Python" for product "Python" and version " >= 2.7.0 < 2.7.13" | - |
Affected
| ||||||
Python Search vendor "Python" | Python Search vendor "Python" for product "Python" | >= 3.3.0 < 3.3.7 Search vendor "Python" for product "Python" and version " >= 3.3.0 < 3.3.7" | - |
Affected
| ||||||
Python Search vendor "Python" | Python Search vendor "Python" for product "Python" | >= 3.4.0 < 3.4.6 Search vendor "Python" for product "Python" and version " >= 3.4.0 < 3.4.6" | - |
Affected
| ||||||
Python Search vendor "Python" | Python Search vendor "Python" for product "Python" | >= 3.5.0 < 3.5.3 Search vendor "Python" for product "Python" and version " >= 3.5.0 < 3.5.3" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 23 Search vendor "Fedoraproject" for product "Fedora" and version "23" | - |
Affected
|