Python's built-in URL library ("urllib2" in 2.x and "urllib" in 3.x) is vulnerable to protocol stream injection attacks (a.k.a. "smuggling" attacks) via the http scheme.
9fea0de30ead37c21a774ad8b50ab697e88f3e051112390e3be85d2e599d044f
Python's built-in URL library ("urllib2" in 2.x and "urllib" in 3.x)
is vulnerable to protocol stream injection attacks (a.k.a. "smuggling"
attacks) via the http scheme. If an attacker could convince a Python
application using this library to fetch an arbitrary URL, or fetch a
resource from a malicious web server, then these injections could
allow for a great deal of access to certain internal services.
URLs of the following form allow injection into the HTTP stream:
http://127.0.0.1%0d%0aX-injected:%20header%0d%0ax-leftover:%20:12345/foo
http://localhost%00%0d%0ax-bar:%20:12345/foo
More details here:
http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html
Thank you,
tim
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed