CVE-2016-5699

MEDIUM

CPython <2.7.10, <3.4.4 - RCE

Title source: llm

Description

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

Exploits (2)

nomisec WORKING POC 4 stars

by bunseokbot · poc

https://github.com/bunseokbot/CVE-2016-5699-poc

View Code ZIP pw:eip

nomisec WORKING POC

by shajinzheng · poc

https://github.com/shajinzheng/cve-2016-5699-jinzheng-sha

View Code ZIP pw:eip

References (19)

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2016-1626.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2016-1627.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2016-1628.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2016-1629.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2016-1630.html

[Exploit, Third Party Advisory] http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

[Mailing List] http://www.openwall.com/lists/oss-security/2016/06/14/7

[Mailing List] http://www.openwall.com/lists/oss-security/2016/06/15/12

[Mailing List] http://www.openwall.com/lists/oss-security/2016/06/16/2

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

[Various Sources] http://www.splunk.com/view/SP-CAAAPSV

[Various Sources] http://www.splunk.com/view/SP-CAAAPUE

[Release Notes] https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4

[Release Notes] https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS

[Patch] https://hg.python.org/cpython/rev/1c45047c5102

[Patch] https://hg.python.org/cpython/rev/bf3e1c9b80e9

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/91226

[Mailing List] https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html

Scores

CVSS v3 6.1

EPSS 0.3528

EPSS Percentile 97.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-113

Status draft

Affected Products (27)

python/python < 2.7.9

python/python

... and 12 more

Timeline

Published Sep 02, 2016

Tracked Since Feb 18, 2026