Vulnerability CVE-2016-1000212

Vulnerability Name:

CVE-2016-1000212 (CCN-116317)

Published:

2016-07-18

Updated:

2016-07-18

Summary:

lighttpd could allow a remote attacker to redirect HTTP traffic of CGI application, caused by the failure to protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable. By using a specially-crafted Proxy header in a HTTP request, an attacker could exploit this vulnerability to redirect outbound HTTP traffic to arbitrary proxy server.

This is also known as the "HTTPOXY" vulnerability.

CVSS v3 Severity:

8.1 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-1000212

Source: CCN
Type: oss-sec Mailing List, Mon, 18 Jul 2016 08:17:03 -0600
Re: A CGI application vulnerability for PHP, Go, Python and others

Source: CCN
Type: IBM Security Bulletin T1024260 (PowerKVM)
A vulnerability in lighttpd affects PowerKVM (CVE-2016-1000212)

Source: CCN
Type: US-CERT VU#797896
CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables

Source: CCN
Type: Red Hat Bugzilla Bug 1360638
(CVE-2016-1000212) CVE-2016-1000212 lighttpd: sets environmental variable based on user supplied Proxy request header

Source: XF
Type: UNKNOWN
lighttpd-cve20161000212-redirect(116317)

Source: CCN
Type: httpoxy Web site
httpoxy

Source: CCN
Type: lighttpd Web site
lighttpd

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:lighttpd:lighttpd:1.4.35:*:*:*:*:*:*:*

AND

cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20161000212	V	CVE-2016-1000212	2022-09-02
oval:org.opensuse.security:def:6349	P	Security update for libgda (Important) (in QA)	2022-08-31
oval:org.opensuse.security:def:6327	P	Security update for the Linux Kernel (Important)	2022-04-14
oval:org.opensuse.security:def:6326	P	Security update for netatalk (Important)	2022-04-13
oval:org.opensuse.security:def:6337	P	Security update for polkit (Important)	2022-01-25
oval:org.opensuse.security:def:6304	P	Security update for clamav-database (Important)	2022-01-17
oval:org.opensuse.security:def:6296	P	Security update for net-snmp (Important)	2022-01-11
oval:org.opensuse.security:def:7288	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:6307	P	Security update for the Linux Kernel (Important)	2021-11-19
oval:org.opensuse.security:def:7278	P	Security update for the Linux Kernel (Important)	2021-11-11
oval:org.opensuse.security:def:32202	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:6457	P	Security update for the Linux Kernel (Important)	2021-10-15
oval:org.opensuse.security:def:7277	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:7266	P	Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) (Important)	2021-09-16
oval:org.opensuse.security:def:6453	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:14924	P	ibus-1.5.13-15.11.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13903	P	libgoa-1_0-0-3.20.4-7.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14994	P	libgcab-1_0-0-0.6-1.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15045	P	libospf0-1.1.1-17.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15065	P	libquicktime0-1.2.4-14.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15089	P	libu2f-host0-1.1.6-3.5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14890	P	ft2demos-2.6.3-7.15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15183	P	sblim-sfcb-1.4.8-17.3.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15210	P	unixODBC-2.3.6-7.9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13854	P	java-1_7_1-ibm-1.7.1_sr3.50-28.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13876	P	libXp6-1.0.2-3.57 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14898	P	giflib-progs-5.0.5-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13881	P	libXv1-1.0.10-3.56 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:6476	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:7255	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:123991	P	lighttpd-1.4.35-3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15269	P	cpp48-4.8.5-30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15285	P	dovecot22-2.2.13-2.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12785	P	lighttpd-1.4.35-3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15923	P	bsh2-2.0.0.b5-3.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15946	P	fuse-devel-2.9.3-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12796	P	lighttpd-1.4.35-3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15258	P	bind-9.9.9P1-46.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32109	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:6445	P	Security update for the Linux Kernel (Important)	2021-04-16
oval:org.opensuse.security:def:6319	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:39265	P	Security update for openldap2 (Important)	2021-03-04
oval:org.opensuse.security:def:6464	P	Security update for java-1_8_0-ibm (Important)	2021-03-01
oval:org.opensuse.security:def:38609	P	Security update for ImageMagick (Moderate)	2021-02-23
oval:org.opensuse.security:def:6315	P	Security update for avahi (Moderate)	2021-02-23
oval:org.opensuse.security:def:32259	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:6442	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-23
oval:org.opensuse.security:def:13060	P	libraptor2-0-2.0.10-3.63 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13152	P	python-cryptography-1.3.1-7.13.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13079	P	libtcnative-1-0-1.2.23-3.3.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12922	P	jakarta-commons-fileupload-1.1.1-122.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13154	P	python-doc-2.7.13-28.31.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13179	P	socat-1.7.2.4-3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12903	P	groff-1.22.2-5.287 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13194	P	tboot-20190704_1.9.10-1.7 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12925	P	java-1_7_0-openjdk-1.7.0.231-43.27.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13203	P	unrar-5.0.14-3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12971	P	libaudit1-2.8.1-10.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13216	P	xfsprogs-4.15.0-1.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12930	P	kdump-0.8.16-9.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13018	P	libltdl7-2.4.2-17.4.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13221	P	xorg-x11-server-1.19.6-8.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12808	P	lighttpd-1.4.35-3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12952	P	libXfont2-2-2.0.3-1.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13033	P	libopenjp2-7-2.1.0-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13230	P	zypper-1.13.51-21.26.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12998	P	libical1-1.0.1-16.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13052	P	libproxy1-0.4.13-16.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13243	P	cpp5-5.3.1+r233831-9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12895	P	glibc-2.22-100.15.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13045	P	libplist3-1.12-20.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13127	P	p7zip-9.20.1-7.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:29298	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:38513	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6383	P	libgypsy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28561	P	Security update for icedtea-web	2020-12-01
oval:org.opensuse.security:def:6628	P	gstreamer-plugins-bad on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27644	P	Security update for libtiff	2020-12-01
oval:org.opensuse.security:def:27148	P	ibutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39157	P	doxygen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28301	P	Security update for ntfs-3g (Low)	2020-12-01
oval:org.opensuse.security:def:28255	P	Security update for lighttpd (Moderate)	2020-12-01
oval:org.opensuse.security:def:6430	P	libsilc-1_1-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6528	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6618	P	gnome-shell on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31892	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:32607	P	sysstat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27772	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27232	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39216	P	libvdpau1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28345	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:26806	P	perl-libwww-perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6553	P	apparmor-docs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6627	P	gstreamer-0_10-plugins-good on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31903	P	Security update for fontconfig (Low)	2020-12-01
oval:org.opensuse.security:def:32646	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27890	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:27854	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:27383	P	ctdb-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28600	P	Security update for sudo	2020-12-01
oval:org.opensuse.security:def:28983	P	Security update for vorbis-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:26807	P	perl-spamassassin on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6395	P	libldap-2_4-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6586	P	dnsmasq on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6640	P	imobiledevice-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31977	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32668	P	fvwm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27954	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:27911	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:27436	P	libbz2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28616	P	Security update for xorg-x11-libXext	2020-12-01
oval:org.opensuse.security:def:29018	P	Security update for lighttpd (Moderate)	2020-12-01
oval:org.opensuse.security:def:6539	P	xorg-x11-libs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38514	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32712	P	libgdiplus0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28082	P	Security update for gcc5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27995	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:27485	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28660	P	Security update for evolution-data-server	2020-12-01
oval:org.opensuse.security:def:27568	P	struts on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6564	P	busybox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7300	P	lighttpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38525	P	xorg-x11-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39304	P	Security update for compat-openssl098 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33350	P	Security update for openssh-openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28166	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28146	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:6595	P	eog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27569	P	subversion on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6597	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39332	P	Security update for compat-openssl098 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33389	P	Security update for lighttpd (Moderate)	2020-12-01
oval:org.opensuse.security:def:28223	P	Security update for libsndfile (Moderate)	2020-12-01
oval:org.opensuse.security:def:28199	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:6604	P	ft2demos on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29334	P	Security update for lighttpd (Moderate)	2020-12-01
oval:org.opensuse.security:def:6551	P	accountsservice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26818	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38746	P	libxerces-c-3_1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32346	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27524	P	openCryptoki on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39377	P	Security update for python-tablib (Moderate)	2020-12-01
oval:org.opensuse.security:def:31891	P	Security update for expat (Important)	2020-12-01
oval:org.opensuse.security:def:6372	P	libexif12 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28307	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28248	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:6617	P	gnome-settings-daemon on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27878	P	Security update for rubygem-actionpack-2_1	2020-12-01
oval:org.opensuse.security:def:6576	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26882	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38849	P	gd-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32502	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27538	P	postgresql-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:40015	P	Security update for Linux Kernel Live Patch 20 for SLE 12 (Important)	2020-12-01
oval:org.opensuse.security:def:6419	P	libpoppler-glib8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28459	P	Security update for xfsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:6606	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27879	P	Security update for rubygem-actionpack-2_3	2020-12-01
oval:org.opensuse.security:def:6609	P	gdm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27010	P	pcsc-lite on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38907	P	libdirectfb-1_7-1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32558	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27582	P	xorg-x11-libX11-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:40057	P	Security update for lighttpd (Moderate)	2020-12-01
oval:org.opensuse.security:def:6434	P	libsoup-2_4-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28512	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:6615	P	gnome-keyring on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27580	P	xen-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27091	P	bind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38997	P	ImageMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28287	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:28220	P	Security update for libsamplerate (Moderate)	2020-12-01
oval:org.cisecurity:def:1007	P	DSA-3642-1 -- lighttpd -- security update	2016-09-16
oval:com.ubuntu.artful:def:20161000212000	V	CVE-2016-1000212 on Ubuntu 17.10 (artful) - medium.	2016-07-27
oval:com.ubuntu.trusty:def:20161000212000	V	CVE-2016-1000212 on Ubuntu 14.04 LTS (trusty) - medium.	2016-07-27
oval:com.ubuntu.cosmic:def:201610002120000000	V	CVE-2016-1000212 on Ubuntu 18.10 (cosmic) - medium.	2016-07-27
oval:com.ubuntu.bionic:def:20161000212000	V	CVE-2016-1000212 on Ubuntu 18.04 LTS (bionic) - medium.	2016-07-27
oval:com.ubuntu.xenial:def:20161000212000	V	CVE-2016-1000212 on Ubuntu 16.04 LTS (xenial) - medium.	2016-07-27
oval:com.ubuntu.bionic:def:201610002120000000	V	CVE-2016-1000212 on Ubuntu 18.04 LTS (bionic) - medium.	2016-07-27
oval:com.ubuntu.cosmic:def:20161000212000	V	CVE-2016-1000212 on Ubuntu 18.10 (cosmic) - medium.	2016-07-27
oval:com.ubuntu.xenial:def:201610002120000000	V	CVE-2016-1000212 on Ubuntu 16.04 LTS (xenial) - medium.	2016-07-27
oval:com.ubuntu.precise:def:20161000212000	V	CVE-2016-1000212 on Ubuntu 12.04 LTS (precise) - medium.	2016-07-27

BACK