
RVD#1493: CRLF injection vulnerability in Python before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers

Open glerapic opened this issue 5 years ago • 0 comments

{
    "id": 1493,
    "title": "RVD#1493: CRLF injection vulnerability in Python before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers",
    "type": "vulnerability",
    "description": "CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.",
    "cwe": "CWE-113",
    "cve": "CVE-2016-5699",
    "keywords": [
        "CRLF",
        "injection",
        "python"
    ],
    "system": "URx",
    "vendor": "Universal Robots",
    "severity": {
        "rvss-score": 6.2,
        "rvss-vector": "RVSS:1.0/AV:RN/AC:L/PR:N/UI:R/Y:T/S:U/C:L/I:L/A:N/H:N",
        "severity-description": "medium",
        "cvss-score": 6.1,
        "cvss-vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"
    },
    "links": [
        "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699",
        "http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html",
        "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html",
        "https://github.com/aliasrobotics/RVD/issues/1493"
    ],
    "flaw": {
        "phase": "testing",
        "specificity": "N/A",
        "architectural-location": "application-specific",
        "application": "python",
        "subsystem": "N/A",
        "package": "python2.7 2.7.3-6+deb7u2 i386",
        "languages": "python",
        "date-detected": null,
        "detected-by": "Victor Mayoral Vilches and Lander Usategui San Juan (Alias Robotics)",
        "detected-by-method": "N/A",
        "date-reported": "2020-04-03",
        "reported-by": "Cedric Buissart (original bug), Alias Robotics S.L.",
        "reported-by-relationship": "Security researcher",
        "issue": "https://github.com/aliasrobotics/RVD/issues/1493",
        "reproducibility": "Always",
        "trace": "N/A",
        "reproduction": "Not available",
        "reproduction-image": "Not available"
    },
    "exploitation": {
        "description": "The injection of arbitrary HTTP headers via CRLF sequences in a URL may be leveraged through the HTTPConnection.putheader function in both urllib2 and urllib",
        "exploitation-image": "Not available",
        "exploitation-vector": "Not available"
    },
    "mitigation": {
        "description": "sudo apt-get --assume-yes install --only-upgrade python2.7",
        "pull-request": "https://hg.python.org/cpython/rev/1c45047c5102",
        "date-mitigation": null
    }
}
