Drupal Core – Highly Critical – Injection Vulnerability – SA-CORE-2016-003

Description: httpoxy is a set of vulnerabilities that affect application code running in CGI or CGI-like environments. It comes down to a simple namespace conflict:

  1. RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY
  2. HTTP_PROXY is a popular environment variable used to configure an outgoing proxy

Impact: Drupal 8 uses the third-party PHP library Guzzle for making server-side HTTP requests. An attacker can provide a proxy server that Guzzle will use.
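The namespace conflict described above, as an added illustration (not code from Drupal, Guzzle or the advisory): the RFC 3875 mapping that turns a client-supplied Proxy header into HTTP_PROXY, a proxy lookup that refuses to trust HTTP_PROXY while a request is being served, and the edge-side header strip. The name CGI_HTTP_PROXY is assumed here as an operator-only variable for the request-serving case.

```python
from typing import Dict, Mapping, Optional

# Headers that RFC 3875 maps to dedicated meta-variables rather than HTTP_* names.
_SPECIAL = {"content-type": "CONTENT_TYPE", "content-length": "CONTENT_LENGTH"}


def cgi_meta_variables(headers: Mapping[str, str]) -> Dict[str, str]:
    """Model RFC 3875 section 4.1.18: every request header becomes an
    HTTP_-prefixed meta-variable, upper-cased, '-' replaced by '_'.
    This is the step that lands a client's 'Proxy' header in HTTP_PROXY,
    the same name outgoing HTTP clients read to find their proxy."""
    env: Dict[str, str] = {}
    for name, value in headers.items():
        key = name.lower()
        env[_SPECIAL.get(key, "HTTP_" + key.upper().replace("-", "_"))] = value
    return env


def outgoing_proxy(env: Mapping[str, str]) -> Optional[str]:
    """Hardened proxy lookup for server-side code. HTTP_PROXY is honoured
    only when the process is not handling a CGI request (no REQUEST_METHOD);
    during a request it is client-controlled and ignored. CGI_HTTP_PROXY is
    an assumed operator-only name used for the request-serving case."""
    if "REQUEST_METHOD" in env:
        return env.get("CGI_HTTP_PROXY") or None
    return env.get("HTTP_PROXY") or None


def drop_proxy_header(headers: Mapping[str, str]) -> Dict[str, str]:
    """Edge-side mitigation: remove the 'Proxy' request header, which has
    no standardised meaning, before it reaches CGI-style application code."""
    return {k: v for k, v in headers.items() if k.lower() != "proxy"}


if __name__ == "__main__":
    # Constructed sample request: one ordinary header plus a 'Proxy' header.
    sample = {"Host": "example.test", "Proxy": "proxy.invalid:8080"}
    env = {"REQUEST_METHOD": "GET", **cgi_meta_variables(sample)}
    print(env["HTTP_PROXY"])       # the header value now sits in HTTP_PROXY
    print(outgoing_proxy(env))     # None: not trusted while serving a request
    print(cgi_meta_variables(drop_proxy_header(sample)).get("HTTP_PROXY"))
```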

Mitigation: The vendor has released a new version. Upgrade to Drupal core 8.1.7.

Reference URLs:
