CVE-2016-1000107 - OpenCVE

inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Erlang	Erlang\/otp

Configuration 1 [-]

cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.openwall.com/lists/oss-security/2016/07/18/6	Mailing List Third Party Advisory
https://bugs.erlang.org/browse/ERL-198	Issue Tracking Vendor Advisory
https://httpoxy.org/	Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2016-1000107	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-12-10T17:32:33

Updated: 2019-12-10T17:32:33

Reserved: 2016-07-18T00:00:00

Link: CVE-2016-1000107

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-12-10T18:15:09.140

Modified: 2019-12-19T17:57:35.770

Link: CVE-2016-1000107

JSON object: View

Redhat Information

No data.

CWE

CWE-601

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-07-18T00:00:00", "descriptions": [{"lang": "en", "value": "inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-12-10T17:32:33", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://httpoxy.org/"}, {"tags": ["x_refsource_MISC"], "url": "https://security-tracker.debian.org/tracker/CVE-2016-1000107"}, {"tags": ["x_refsource_MISC"], "url": "http://www.openwall.com/lists/oss-security/2016/07/18/6"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.erlang.org/browse/ERL-198"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-1000107", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://httpoxy.org/", "refsource": "MISC", "url": "https://httpoxy.org/"}, {"name": "https://security-tracker.debian.org/tracker/CVE-2016-1000107", "refsource": "MISC", "url": "https://security-tracker.debian.org/tracker/CVE-2016-1000107"}, {"name": "http://www.openwall.com/lists/oss-security/2016/07/18/6", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2016/07/18/6"}, {"name": "https://bugs.erlang.org/browse/ERL-198", "refsource": "MISC", "url": "https://bugs.erlang.org/browse/ERL-198"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-1000107", "datePublished": "2019-12-10T17:32:33", "dateReserved": "2016-07-18T00:00:00", "dateUpdated": "2019-12-10T17:32:33", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CAFFB6B-EA8F-40D5-BCA0-1A6CBA4BD0FD", "versionEndIncluding": "22.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue."}, {"lang": "es", "value": "inets en Erlang posiblemente versi\u00f3n 22.1 y anteriores, siguen RFC secci\u00f3n 3875 versi\u00f3n 4.1.18 y, por lo tanto, no protegen las aplicaciones de la presencia de datos de clientes no seguros en la variable de entorno HTTP_PROXY, lo que podr\u00eda permitir a atacantes remotos redireccionar el tr\u00e1fico HTTP saliente de una aplicaci\u00f3n hacia un servidor proxy arbitrario por medio de un encabezado Proxy dise\u00f1ado en una petici\u00f3n HTTP, tambi\u00e9n se conoce como un problema \"httpoxy\"."}], "id": "CVE-2016-1000107", "lastModified": "2019-12-19T17:57:35.770", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-12-10T18:15:09.140", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/07/18/6"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugs.erlang.org/browse/ERL-198"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://httpoxy.org/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2016-1000107"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "nvd@nist.gov", "type": "Primary"}]}