CVE-2016-1000108

MEDIUM

yaws < 2.0.4 - Open Redirect via HTTP_PROXY Environment Variable

Description

yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

Scores

CVSS v3 6.1
EPSS 0.0110
EPSS Percentile 61.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE CWE-601
Status published
Products (4)
debian/debian_linux 8.0
debian/debian_linux 9.0
debian/debian_linux 10.0
yaws/yaws < 2.0.4
Published Dec 10, 2019
Tracked Since Feb 18, 2026