Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
100
security advisorymoderateSUSESUSE 15 SP6: 2024:4136-1 moderate: php8 multiple issues
* bsc#1233651 * bsc#1233702 * bsc#1233703 Cross-References: . # Security update for php8 Announcement ID: SUSE-SU-2024:4136-1 Release Date: 2024-12-02T12:26:55Z Rating: moderate References: * bsc#1233651 * bsc#1233702 * bsc#1233703 Cross-References: * CVE-2024-11233 * CVE-2024-11234 * CVE-2024-11236 * CVE-2024-8929 * CVE-2024-8932 CVSS scores: * CVE-2024-11233 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-11233 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2024-11233 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-11233 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2024-11234 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-11234 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-11234 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N * CVE-2024-11234 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-11236 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-11236 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-11236 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-11236 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8929 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-8929 ( NVD ): 5.8 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-8932 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-8932 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * Web and Scripting Module 15-SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for php8 fixes the following issues: *CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter (bsc#1233702). * CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF injection in URIs (bsc#1233703). * CVE-2024-8929: Leak partial content of the heap through heap buffer over- read (bsc#1233651). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-4136=1 openSUSE-SLE-15.6-2024-4136=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-4136=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * php8-sockets-8.2.26-150600.3.9.1 * php8-xmlreader-8.2.26-150600.3.9.1 * php8-xsl-8.2.26-150600.3.9.1 * php8-enchant-8.2.26-150600.3.9.1 * php8-iconv-debuginfo-8.2.26-150600.3.9.1 * php8-ffi-8.2.26-150600.3.9.1 * php8-gettext-debuginfo-8.2.26-150600.3.9.1 * php8-fileinfo-8.2.26-150600.3.9.1 * php8-ffi-debuginfo-8.2.26-150600.3.9.1 * php8-phar-8.2.26-150600.3.9.1 * php8-opcache-debuginfo-8.2.26-150600.3.9.1 * php8-enchant-debuginfo-8.2.26-150600.3.9.1 * php8-fpm-debuginfo-8.2.26-150600.3.9.1 * php8-openssl-debuginfo-8.2.26-150600.3.9.1 * php8-ftp-8.2.26-150600.3.9.1 * php8-gd-8.2.26-150600.3.9.1 * php8-dom-8.2.26-150600.3.9.1 * php8-odbc-debuginfo-8.2.26-150600.3.9.1 * php8-gettext-8.2.26-150600.3.9.1 * php8-posix-debuginfo-8.2.26-150600.3.9.1 * php8-fastcgi-8.2.26-150600.3.9.1 * php8-calendar-8.2.26-150600.3.9.1 * php8-snmp-debuginfo-8.2.26-150600.3.9.1 * php8-dba-8.2.26-150600.3.9.1 * php8-tidy-8.2.26-150600.3.9.1 * php8-sysvsem-debuginfo-8.2.26-150600.3.9.1 * php8-snmp-8.2.26-150600.3.9.1 * php8-pdo-debuginfo-8.2.26-150600.3.9.1 * php8-zip-debuginfo-8.2.26-150600.3.9.1 *php8-sysvsem-8.2.26-150600.3.9.1 * php8-tidy-debuginfo-8.2.26-150600.3.9.1 * php8-ldap-debuginfo-8.2.26-150600.3.9.1 * php8-openssl-8.2.26-150600.3.9.1 * php8-embed-8.2.26-150600.3.9.1 * php8-mysql-8.2.26-150600.3.9.1 * php8-shmop-8.2.26-150600.3.9.1 * php8-embed-debuginfo-8.2.26-150600.3.9.1 * php8-curl-debuginfo-8.2.26-150600.3.9.1 * php8-sqlite-8.2.26-150600.3.9.1 * php8-opcache-8.2.26-150600.3.9.1 * php8-embed-debugsource-8.2.26-150600.3.9.1 * php8-ldap-8.2.26-150600.3.9.1 * php8-pgsql-debuginfo-8.2.26-150600.3.9.1 * php8-sysvmsg-debuginfo-8.2.26-150600.3.9.1 * php8-bz2-debuginfo-8.2.26-150600.3.9.1 * php8-ftp-debuginfo-8.2.26-150600.3.9.1 * php8-soap-8.2.26-150600.3.9.1 * php8-xmlwriter-8.2.26-150600.3.9.1 * php8-bcmath-8.2.26-150600.3.9.1 * php8-fpm-8.2.26-150600.3.9.1 * php8-debugsource-8.2.26-150600.3.9.1 * php8-exif-8.2.26-150600.3.9.1 * php8-cli-debuginfo-8.2.26-150600.3.9.1 * apache2-mod_php8-debuginfo-8.2.26-150600.3.9.1 * php8-zip-8.2.26-150600.3.9.1 * php8-tokenizer-debuginfo-8.2.26-150600.3.9.1 * php8-pgsql-8.2.26-150600.3.9.1 * php8-sysvshm-debuginfo-8.2.26-150600.3.9.1 * php8-8.2.26-150600.3.9.1 * php8-bz2-8.2.26-150600.3.9.1 * php8-sysvmsg-8.2.26-150600.3.9.1 * php8-dom-debuginfo-8.2.26-150600.3.9.1 * php8-intl-debuginfo-8.2.26-150600.3.9.1 * php8-mbstring-8.2.26-150600.3.9.1 * php8-phar-debuginfo-8.2.26-150600.3.9.1 * php8-curl-8.2.26-150600.3.9.1 * php8-pcntl-debuginfo-8.2.26-150600.3.9.1 * php8-xsl-debuginfo-8.2.26-150600.3.9.1 * php8-gmp-8.2.26-150600.3.9.1 * php8-sockets-debuginfo-8.2.26-150600.3.9.1 * php8-mbstring-debuginfo-8.2.26-150600.3.9.1 * php8-bcmath-debuginfo-8.2.26-150600.3.9.1 * php8-ctype-8.2.26-150600.3.9.1 * php8-sysvshm-8.2.26-150600.3.9.1 * php8-zlib-debuginfo-8.2.26-150600.3.9.1 * php8-odbc-8.2.26-150600.3.9.1 * php8-intl-8.2.26-150600.3.9.1 * php8-soap-debuginfo-8.2.26-150600.3.9.1 * php8-tokenizer-8.2.26-150600.3.9.1 * php8-ctype-debuginfo-8.2.26-150600.3.9.1 * apache2-mod_php8-debugsource-8.2.26-150600.3.9.1 * php8-xmlreader-debuginfo-8.2.26-150600.3.9.1 * php8-zlib-8.2.26-150600.3.9.1 * php8-sodium-debuginfo-8.2.26-150600.3.9.1 * php8-debuginfo-8.2.26-150600.3.9.1 * php8-sqlite-debuginfo-8.2.26-150600.3.9.1 * php8-xmlwriter-debuginfo-8.2.26-150600.3.9.1 * apache2-mod_php8-8.2.26-150600.3.9.1 * php8-fpm-debugsource-8.2.26-150600.3.9.1 * php8-sodium-8.2.26-150600.3.9.1 * php8-fileinfo-debuginfo-8.2.26-150600.3.9.1 * php8-gmp-debuginfo-8.2.26-150600.3.9.1 * php8-devel-8.2.26-150600.3.9.1 * php8-shmop-debuginfo-8.2.26-150600.3.9.1 * php8-readline-8.2.26-150600.3.9.1 * php8-calendar-debuginfo-8.2.26-150600.3.9.1 * php8-dba-debuginfo-8.2.26-150600.3.9.1 * php8-test-8.2.26-150600.3.9.1 * php8-pdo-8.2.26-150600.3.9.1 * php8-exif-debuginfo-8.2.26-150600.3.9.1 * php8-mysql-debuginfo-8.2.26-150600.3.9.1 * php8-pcntl-8.2.26-150600.3.9.1 * php8-cli-8.2.26-150600.3.9.1 * php8-gd-debuginfo-8.2.26-150600.3.9.1 * php8-posix-8.2.26-150600.3.9.1 * php8-iconv-8.2.26-150600.3.9.1 * php8-fastcgi-debuginfo-8.2.26-150600.3.9.1 * php8-readline-debuginfo-8.2.26-150600.3.9.1 * php8-fastcgi-debugsource-8.2.26-150600.3.9.1 * openSUSE Leap 15.6 (noarch) * php8-fpm-apache-8.2.26-150600.3.9.1 * Web and Scripting Module 15-SP6 (aarch64 ppc64le s390x x86_64) * php8-sockets-8.2.26-150600.3.9.1 * php8-xmlreader-8.2.26-150600.3.9.1 * php8-xsl-8.2.26-150600.3.9.1 * php8-enchant-8.2.26-150600.3.9.1 * php8-iconv-debuginfo-8.2.26-150600.3.9.1 * php8-gettext-debuginfo-8.2.26-150600.3.9.1 * php8-fileinfo-8.2.26-150600.3.9.1 * php8-phar-8.2.26-150600.3.9.1 * php8-opcache-debuginfo-8.2.26-150600.3.9.1 * php8-enchant-debuginfo-8.2.26-150600.3.9.1 * php8-fpm-debuginfo-8.2.26-150600.3.9.1 * php8-openssl-debuginfo-8.2.26-150600.3.9.1 *php8-ftp-8.2.26-150600.3.9.1 * php8-gd-8.2.26-150600.3.9.1 * php8-dom-8.2.26-150600.3.9.1 * php8-odbc-debuginfo-8.2.26-150600.3.9.1 * php8-gettext-8.2.26-150600.3.9.1 * php8-fastcgi-8.2.26-150600.3.9.1 * php8-posix-debuginfo-8.2.26-150600.3.9.1 * php8-calendar-8.2.26-150600.3.9.1 * php8-snmp-debuginfo-8.2.26-150600.3.9.1 * php8-dba-8.2.26-150600.3.9.1 * php8-tidy-8.2.26-150600.3.9.1 * php8-sysvsem-debuginfo-8.2.26-150600.3.9.1 * php8-snmp-8.2.26-150600.3.9.1 * php8-pdo-debuginfo-8.2.26-150600.3.9.1 * php8-zip-debuginfo-8.2.26-150600.3.9.1 * php8-sysvsem-8.2.26-150600.3.9.1 * php8-tidy-debuginfo-8.2.26-150600.3.9.1 * php8-ldap-debuginfo-8.2.26-150600.3.9.1 * php8-embed-8.2.26-150600.3.9.1 * php8-openssl-8.2.26-150600.3.9.1 * php8-mysql-8.2.26-150600.3.9.1 * php8-shmop-8.2.26-150600.3.9.1 * php8-embed-debuginfo-8.2.26-150600.3.9.1 * php8-curl-debuginfo-8.2.26-150600.3.9.1 * php8-sqlite-8.2.26-150600.3.9.1 * php8-opcache-8.2.26-150600.3.9.1 * php8-embed-debugsource-8.2.26-150600.3.9.1 * php8-ldap-8.2.26-150600.3.9.1 * php8-pgsql-debuginfo-8.2.26-150600.3.9.1 * php8-sysvmsg-debuginfo-8.2.26-150600.3.9.1 * php8-bz2-debuginfo-8.2.26-150600.3.9.1 * php8-ftp-debuginfo-8.2.26-150600.3.9.1 * php8-soap-8.2.26-150600.3.9.1 * php8-xmlwriter-8.2.26-150600.3.9.1 * php8-bcmath-8.2.26-150600.3.9.1 * php8-fpm-8.2.26-150600.3.9.1 * php8-debugsource-8.2.26-150600.3.9.1 * php8-exif-8.2.26-150600.3.9.1 * php8-cli-debuginfo-8.2.26-150600.3.9.1 * apache2-mod_php8-debuginfo-8.2.26-150600.3.9.1 * php8-zip-8.2.26-150600.3.9.1 * php8-tokenizer-debuginfo-8.2.26-150600.3.9.1 * php8-pgsql-8.2.26-150600.3.9.1 * php8-sysvshm-debuginfo-8.2.26-150600.3.9.1 * php8-8.2.26-150600.3.9.1 * php8-bz2-8.2.26-150600.3.9.1 * php8-sysvmsg-8.2.26-150600.3.9.1 * php8-dom-debuginfo-8.2.26-150600.3.9.1 * php8-intl-debuginfo-8.2.26-150600.3.9.1 *php8-mbstring-8.2.26-150600.3.9.1 * php8-phar-debuginfo-8.2.26-150600.3.9.1 * php8-curl-8.2.26-150600.3.9.1 * php8-pcntl-debuginfo-8.2.26-150600.3.9.1 * php8-xsl-debuginfo-8.2.26-150600.3.9.1 * php8-gmp-8.2.26-150600.3.9.1 * php8-sockets-debuginfo-8.2.26-150600.3.9.1 * php8-mbstring-debuginfo-8.2.26-150600.3.9.1 * php8-bcmath-debuginfo-8.2.26-150600.3.9.1 * php8-ctype-8.2.26-150600.3.9.1 * php8-sysvshm-8.2.26-150600.3.9.1 * php8-zlib-debuginfo-8.2.26-150600.3.9.1 * php8-odbc-8.2.26-150600.3.9.1 * php8-intl-8.2.26-150600.3.9.1 * php8-soap-debuginfo-8.2.26-150600.3.9.1 * php8-ctype-debuginfo-8.2.26-150600.3.9.1 * php8-tokenizer-8.2.26-150600.3.9.1 * apache2-mod_php8-debugsource-8.2.26-150600.3.9.1 * php8-xmlreader-debuginfo-8.2.26-150600.3.9.1 * php8-zlib-8.2.26-150600.3.9.1 * php8-sodium-debuginfo-8.2.26-150600.3.9.1 * php8-debuginfo-8.2.26-150600.3.9.1 * php8-sqlite-debuginfo-8.2.26-150600.3.9.1 * php8-xmlwriter-debuginfo-8.2.26-150600.3.9.1 * apache2-mod_php8-8.2.26-150600.3.9.1 * php8-fpm-debugsource-8.2.26-150600.3.9.1 * php8-sodium-8.2.26-150600.3.9.1 * php8-fileinfo-debuginfo-8.2.26-150600.3.9.1 * php8-gmp-debuginfo-8.2.26-150600.3.9.1 * php8-devel-8.2.26-150600.3.9.1 * php8-shmop-debuginfo-8.2.26-150600.3.9.1 * php8-readline-8.2.26-150600.3.9.1 * php8-calendar-debuginfo-8.2.26-150600.3.9.1 * php8-dba-debuginfo-8.2.26-150600.3.9.1 * php8-test-8.2.26-150600.3.9.1 * php8-pdo-8.2.26-150600.3.9.1 * php8-exif-debuginfo-8.2.26-150600.3.9.1 * php8-mysql-debuginfo-8.2.26-150600.3.9.1 * php8-pcntl-8.2.26-150600.3.9.1 * php8-cli-8.2.26-150600.3.9.1 * php8-gd-debuginfo-8.2.26-150600.3.9.1 * php8-posix-8.2.26-150600.3.9.1 * php8-iconv-8.2.26-150600.3.9.1 * php8-fastcgi-debuginfo-8.2.26-150600.3.9.1 * php8-readline-debuginfo-8.2.26-150600.3.9.1 * php8-fastcgi-debugsource-8.2.26-150600.3.9.1 ## References: *https://www.suse.com/security/cve/CVE-2024-11233.html * https://www.suse.com/security/cve/CVE-2024-11234.html * https://www.suse.com/security/cve/CVE-2024-11236.html * https://www.suse.com/security/cve/CVE-2024-8929.html * https://www.suse.com/security/cve/CVE-2024-8932.html * https://bugzilla.suse.com/show_bug.cgi?id=1233651 * https://bugzilla.suse.com/show_bug.cgi?id=1233702 * https://bugzilla.suse.com/show_bug.cgi?id=1233703 . SUSE releases a security advisory for php8 addressing various vulnerabilities classified as moderate severity. Update guidelines provided.. php8 Security Updates,SUSE php8 Advisory,SUSE Linux Server,OpenSUSE Security. . LinuxSecurity.com Team
Dec 02, 2024
SuSE
198
security advisorynetwork securitymedium severityArch Linux: ASA-202012-16 Medium: Hostapd Proxy Injection Threat
The package hostapd before version 2.9-4 is vulnerable to proxy injection. . Arch Linux Security Advisory ASA-202012-16 ========================================= Severity: Medium Date : 2020-12-09 CVE-ID : CVE-2020-12695 Package : hostapd Type : proxy injection Remote : Yes Link : https://security.archlinux.org/AVG-1322 Summary ====== The package hostapd before version 2.9-4 is vulnerable to proxy injection. Resolution ========= Upgrade to 2.9-4. # pacman -Syu "hostapd> =2.9-4" The problem has been fixed upstream but no release is available yet. Workaround ========= None. Description ========== The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. This issue could allow a device connected to the local network (i.e., a device that has been authorized to transmit packets in the network in which the AP is located) to trigger the AP to initiate a HTTP (TCP/IP) connection to an arbitrary URL, including connections to servers in external networks. Impact ===== An attacker on the local network might be able to force the AP to initiate a HTTP (TCP/IP) connection to an arbitrary URL, including connections to servers in external networks. References ========= https://bugs.archlinux.org/task/68861 https://w1.fi/security/2020-1/upnp-subscribe-misbehavior-wps-ap.txt https://www.callstranger.com/ https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch https://security.archlinux.org/CVE-2020-12695 . A high-severity proxy injection vulnerability in hostapd < 2.10-1 can lead to data interception. Update to mitigate risks and protect your network security. Arch Linux, Hostapd, ProxyInjection, Security Advisory. . Severity: Medium. LinuxSecurity.com Team
Dec 17, 2020
•Medium
ArchLinux
198
security advisorymedium severitytomcat6Arch Linux: 201611-6 Medium Advisory on Tomcat6 Proxy Injection
The package tomcat6 before version 6.0.47-1 is vulnerable to proxy injection. . Arch Linux Security Advisory ASA-201611-6 ======================================== Severity: Medium Date : 2016-11-02 CVE-ID : CVE-2016-5388 Package : tomcat6 Type : proxy injection Remote : Yes Link : https://wiki.archlinux.org/title/CVE Summary ====== The package tomcat6 before version 6.0.47-1 is vulnerable to proxy injection. Resolution ========= Upgrade to 6.0.47-1. # pacman -Syu "tomcat6> =6.0.47-1" The problem has been fixed upstream in version 6.0.47. Workaround ========= None. Description ========== It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. Impact ===== A remote attacker is able to use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. References ========= https://www.apache.org/security/asf-httpoxy-response.txt https://access.redhat.com/security/cve/CVE-2016-5388 . Alpine Linux notice regarding the nginx security vulnerability. An update is suggested to address potential threats associated with this moderate risk concern.. Arch Linux, Tomcat6 Proxy Injection, Security Issues. . Severity: Medium. LinuxSecurity.com Team
Nov 02, 2016
•Medium
ArchLinux
198
security advisorymedium severityArch LinuxArch Linux: ASA-201609-21 Medium: tomcat7 Proxy Injection Risk
The package tomcat7 before version 7.0.72-1 is vulnerable to proxy injection. . Arch Linux Security Advisory ASA-201609-21 ========================================= Severity: Medium Date : 2016-09-22 CVE-ID : CVE-2016-5388 Package : tomcat7 Type : proxy injection Remote : Yes Link : https://wiki.archlinux.org/title/CVE Summary ====== The package tomcat7 before version 7.0.72-1 is vulnerable to proxy injection. Resolution ========= Upgrade to 7.0.72-1. # pacman -Syu "tomcat7> =7.0.72-1" The problems have been fixed upstream in version 7.0.72. Workaround ========= None. Description ========== It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. Impact ===== A remote attacker is able to use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. References ========= https://access.redhat.com/security/cve/CVE-2016-5388 https://www.apache.org/security/asf-httpoxy-response.txt . Urgent patch needed for Arch Linux tomcat7 software to address a moderate-risk proxy injection vulnerability.. Arch Linux Security Update, Tomcat7 Issue, Proxy Configuration Flaw. . Severity: Medium. LinuxSecurity.com Team
Sep 22, 2016
•Medium
ArchLinux
198
security advisorysecurity issuemedium severityArch Linux: ASA-201609-7 Medium: Tomcat8 Proxy Injection Risk
The package tomcat8 before version 8.0.37-1 is vulnerable to proxy injection. . Arch Linux Security Advisory ASA-201609-7 ======================================== Severity: Medium Date : 2016-09-10 CVE-ID : CVE-2016-5388 Package : tomcat8 Type : proxy injection Remote : Yes Link : https://wiki.archlinux.org/title/CVE Summary ====== The package tomcat8 before version 8.0.37-1 is vulnerable to proxy injection. Resolution ========= Upgrade to 8.0.37-1. # pacman -Syu "tomcat8> =8.0.37-1" The problems have been fixed upstream in version 8.0.37. Workaround ========= None. Description ========== It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. Impact ===== A remote attacker is able to use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. References ========= https://access.redhat.com/security/cve/CVE-2016-5388 https://www.apache.org/security/asf-httpoxy-response.txt . The Arch Linux Security Advisory ASA-202309-5 warns users of a proxy injection vulnerability in tomcat8, evaluated for its severity, with a patch now available. Arch Linux Advisory, Tomcat8 Security, Proxy Injection Issue. . Severity: Medium. LinuxSecurity.com Team
Sep 10, 2016
•Medium
ArchLinux
198
security advisoryhigh severitydrupalArch Linux ASA-202308-5 Critical: WordPress XML-RPC Authentication Bypass
The package drupal before version 8.1.7-1 is vulnerable to proxy injection via environment variable. . Arch Linux Security Advisory ASA-201607-9 ======================================== Severity: High Date : 2016-07-21 CVE-ID : CVE-2016-5385 Package : drupal Type : proxy injection Remote : Yes Link : https://wiki.archlinux.org/title/CVE Summary ====== The package drupal before version 8.1.7-1 is vulnerable to proxy injection via environment variable. Resolution ========= Upgrade to 8.1.7-1. # pacman -Syu "drupal> =8.1.7-1" The problem has been fixed upstream in version 8.1.7. Workaround ========= Apache (.htaccess) RequestHeader unset Proxy NGINX/FastCGI fastcgi_param HTTP_PROXY ""; For any other service please visit: https://httpoxy.org/ Description ========== Drupal 8 uses the third-party PHP library Guzzle for making server-side HTTP requests. An attacker can provide a proxy server that Guzzle will use. This vulnerability is called 'httpoxy'. httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict: RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY HTTP_PROXY is a popular environment variable used to configure an outgoing proxy This leads to a remotely exploitable vulnerability. If you’re running PHP or CGI, you should block the Proxy header now. Impact ===== A remote attacker is able to proxy the outgoing HTTP requests made by the web application, direct the server to open outgoing connections to an address and port of their choosing or tie up server resources by forcing the vulnerable software to use a malicious proxy. References ========= https://access.redhat.com/security/cve/CVE-2016-5385 https:// https://httpoxy.org/ https://bugzilla.redhat.com/show_bug.cgi?id=1353794 . The Fedora Security Advisory FSA-201805-12 emphasizes the urgentneed to patch a severe SQL injection vulnerability in WordPress prior to version 4.9.6.. Arch Linux, Proxy Injection, Drupal Security. . Severity: Critical. LinuxSecurity.com Team
Jul 22, 2016
•Critical
ArchLinux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!