CVE-2016-5699

MEDIUM

CPython <2.7.10, <3.4.4 - RCE

Title source: llm

Description

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

Exploits (2)

nomisec WORKING POC 4 stars
by bunseokbot · poc
https://github.com/bunseokbot/CVE-2016-5699-poc

nomisec WORKING POC
by shajinzheng · poc
https://github.com/shajinzheng/cve-2016-5699-jinzheng-sha

Scores

CVSS v3 6.1
EPSS 0.4171
EPSS Percentile 97.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-113
Status published
Products (27)
python/python 3.0
python/python 3.0.1
python/python 3.1.0
python/python 3.1.1
python/python 3.1.2
python/python 3.1.3
python/python 3.1.4
python/python 3.1.5
python/python 3.2.0
python/python 3.2.1
... and 17 more
Published Sep 02, 2016
Tracked Since Feb 18, 2026