what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

CVE-2016-5388

Status Candidate

Overview

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.

Related Files

HPE Security Bulletin HPESBHF03770 1
Posted Aug 28, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03770 1 - A potential security vulnerability has been identified in Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat. The vulnerability known as "httpoxy" could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, web, arbitrary, php
advisories | CVE-2016-5385, CVE-2016-5386, CVE-2016-5387, CVE-2016-5388
SHA-256 | 2af8ae566d18e3cd782b2353bc2bd160ea874bc5b28f246c238fe9f009bc5455
Ubuntu Security Notice USN-3177-2
Posted Feb 3, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3177-2 - USN-3177-1 fixed vulnerabilities in Tomcat. The update introduced a regression in environments where Tomcat is started with a security manager. This update fixes the problem. It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. Various other issues were also addressed.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-5388, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2016-8745
SHA-256 | 57a72bb771cc2225db7906a9c2ff594538c87f4e7e8aaf43d8de9b80f0774ac5
Ubuntu Security Notice USN-3177-1
Posted Jan 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3177-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-5388, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2016-8745, CVE-2016-9774, CVE-2016-9775
SHA-256 | 2713577ab03cb9b5c070b7a23a9b0c6daedc179f766b08f40cfeaa05ec2a47d5
HP Security Bulletin HPSBUX03665 3
Posted Dec 1, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03665 3 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or URL Redirection. Revision 3 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-3092, CVE-2016-5388
SHA-256 | 9d2cd9d2c5a5326760651264d9508d7f771267c319cee95f6f5733b6837bf96b
HP Security Bulletin HPSBUX03665 2
Posted Nov 15, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03665 2 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and URL Redirection. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-3092, CVE-2016-5388
SHA-256 | 8a33a45462fb5af32efafe6f3107b91eb71ecf3236ac6ed9fb1332835889de91
HP Security Bulletin HPSBUX03665 1
Posted Nov 7, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03665 1 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and URL Redirection. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-3092, CVE-2016-5388
SHA-256 | bbafcd56c7474dd4c44957ace450decc84059a5ee53ec33bf03dac1511ccfa33
HP Security Bulletin HPSBMU03653 1
Posted Oct 27, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03653 1 - Multiple potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in cross-site scripting (XSS), arbitrary code execution, Denial of Service (DoS), and/or unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, code execution, xss
systems | linux, windows
advisories | CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, CVE-2016-3739, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4342, CVE-2016-4343, CVE-2016-4393, CVE-2016-4394, CVE-2016-4395, CVE-2016-4396, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-5385, CVE-2016-5387, CVE-2016-5388
SHA-256 | 8c670a2d763c2a2f7a69a05242741bdf9441d037d1584c704b9fdff983643e06
Red Hat Security Advisory 2016-2046-01
Posted Oct 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2046-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2014-7810, CVE-2015-5346, CVE-2016-5388, CVE-2016-5425, CVE-2016-6325
SHA-256 | 7056bf07b2e27a71e6bef5675f05761c70a99be39c2768af9f8c620a2a364046
Red Hat Security Advisory 2016-2045-01
Posted Oct 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2045-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-5388, CVE-2016-6325
SHA-256 | 609cecfe793f7ba2060d8e359b0c28df529745da895283da5842ba6287323e62
Red Hat Security Advisory 2016-1635-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1635-01 - This release of Red Hat JBoss Web Server 3.0.3 Service Pack 1 serves as a update for Red Hat JBoss Web Server 3.0.3 httpd and tomcat. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387, CVE-2016-5388
SHA-256 | 963cfb244690288486e0e38ba4462baa8b1b20489ef0ee36f41737f89c6345c3
Red Hat Security Advisory 2016-1636-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1636-01 - This release of Red Hat JBoss Web Server 3.0.3 Service Pack 1 serves as a update for Red Hat JBoss Web Server 3.0.3 httpd and tomcat. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387, CVE-2016-5388
SHA-256 | d6555b0c5e1cb5b88fa68681422fe8721a8b25b9cd13f4884507fe2d4101c095
Red Hat Security Advisory 2016-1624-01
Posted Aug 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1624-01 - This release of Red Hat JBoss Web Server 3.0.3 Service Pack 1 serves as a update for Red Hat JBoss Web Server 3.0.3 httpd and tomcat. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387, CVE-2016-5388
SHA-256 | ca7ccdac8b6da50eb2b2518f63459ecd23735de90547e027d6dc0d4318c75e65
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close