SecuritySpace - CVE-2016-4694

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

CVE Kennung: CVE-2016-4694

Beschreibung: The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue, a related issue to CVE-2016-5387.

Test Kennungen: Nicht verfügbar

Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2016-4694
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
http://lists.apple.com/archives/security-announce/2016/Sep/msg00009.html
BugTraq ID: 93060
http://www.securityfocus.com/bid/93060
http://www.securitytracker.com/id/1036853

CVE Kennung:	CVE-2016-4694
Beschreibung:	The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue, a related issue to CVE-2016-5387.
Test Kennungen:	Nicht verfügbar
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4694 http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00009.html BugTraq ID: 93060 http://www.securityfocus.com/bid/93060 http://www.securitytracker.com/id/1036853