Vulnerability Details CVE-2016-5385
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.799
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 5.1
References
- http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html
- http://rhn.redhat.com/errata/RHSA-2016-1609.html
- http://rhn.redhat.com/errata/RHSA-2016-1610.html
- http://rhn.redhat.com/errata/RHSA-2016-1611.html
- http://rhn.redhat.com/errata/RHSA-2016-1612.html
- http://rhn.redhat.com/errata/RHSA-2016-1613.html
- http://www.debian.org/security/2016/dsa-3631
- http://www.kb.cert.org/vuls/id/797896
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/91821
- http://www.securitytracker.com/id/1036335
- https://bugzilla.redhat.com/show_bug.cgi?id=1353794
- https://github.com/guzzle/guzzle/releases/tag/6.2.1
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://httpoxy.org/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/
- https://security.gentoo.org/glsa/201611-22
- https://www.drupal.org/SA-CORE-2016-003
- http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html
- http://rhn.redhat.com/errata/RHSA-2016-1609.html
- http://rhn.redhat.com/errata/RHSA-2016-1610.html
- http://rhn.redhat.com/errata/RHSA-2016-1611.html
- http://rhn.redhat.com/errata/RHSA-2016-1612.html
- http://rhn.redhat.com/errata/RHSA-2016-1613.html
- http://www.debian.org/security/2016/dsa-3631
- http://www.kb.cert.org/vuls/id/797896
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/91821
- http://www.securitytracker.com/id/1036335
- https://bugzilla.redhat.com/show_bug.cgi?id=1353794
- https://github.com/guzzle/guzzle/releases/tag/6.2.1
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://httpoxy.org/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/
- https://security.gentoo.org/glsa/201611-22
- https://www.drupal.org/SA-CORE-2016-003
Products affected by CVE-2016-5385
-
cpe:2.3:a:drupal:drupal:8.0.0
-
cpe:2.3:a:drupal:drupal:8.0.1
-
cpe:2.3:a:drupal:drupal:8.0.2
-
cpe:2.3:a:drupal:drupal:8.0.3
-
cpe:2.3:a:drupal:drupal:8.0.4
-
cpe:2.3:a:drupal:drupal:8.0.5
-
cpe:2.3:a:drupal:drupal:8.0.6
-
cpe:2.3:a:drupal:drupal:8.1.0
-
cpe:2.3:a:drupal:drupal:8.1.1
-
cpe:2.3:a:drupal:drupal:8.1.2
-
cpe:2.3:a:drupal:drupal:8.1.3
-
cpe:2.3:a:drupal:drupal:8.1.4
-
cpe:2.3:a:drupal:drupal:8.1.5
-
cpe:2.3:a:drupal:drupal:8.1.6
-
cpe:2.3:a:hp:system_management_homepage:-
-
cpe:2.3:a:hp:system_management_homepage:2.0.0
-
cpe:2.3:a:hp:system_management_homepage:2.0.1
-
cpe:2.3:a:hp:system_management_homepage:2.0.1.104
-
cpe:2.3:a:hp:system_management_homepage:2.0.2
-
cpe:2.3:a:hp:system_management_homepage:2.0.2.106
-
cpe:2.3:a:hp:system_management_homepage:2.1
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-103
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-103(a)
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-109
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-118
-
cpe:2.3:a:hp:system_management_homepage:2.1.0.121
-
cpe:2.3:a:hp:system_management_homepage:2.1.1
-
cpe:2.3:a:hp:system_management_homepage:2.1.10
-
cpe:2.3:a:hp:system_management_homepage:2.1.10-186
-
cpe:2.3:a:hp:system_management_homepage:2.1.10.186
-
cpe:2.3:a:hp:system_management_homepage:2.1.11
-
cpe:2.3:a:hp:system_management_homepage:2.1.11-197
-
cpe:2.3:a:hp:system_management_homepage:2.1.11.197
-
cpe:2.3:a:hp:system_management_homepage:2.1.12-118
-
cpe:2.3:a:hp:system_management_homepage:2.1.12-200
-
cpe:2.3:a:hp:system_management_homepage:2.1.12.201
-
cpe:2.3:a:hp:system_management_homepage:2.1.14
-
cpe:2.3:a:hp:system_management_homepage:2.1.14.20
-
cpe:2.3:a:hp:system_management_homepage:2.1.15
-
cpe:2.3:a:hp:system_management_homepage:2.1.15-210
-
cpe:2.3:a:hp:system_management_homepage:2.1.15.210
-
cpe:2.3:a:hp:system_management_homepage:2.1.2
-
cpe:2.3:a:hp:system_management_homepage:2.1.2-127
-
cpe:2.3:a:hp:system_management_homepage:2.1.2.127
-
cpe:2.3:a:hp:system_management_homepage:2.1.3
-
cpe:2.3:a:hp:system_management_homepage:2.1.3.132
-
cpe:2.3:a:hp:system_management_homepage:2.1.4
-
cpe:2.3:a:hp:system_management_homepage:2.1.4-143
-
cpe:2.3:a:hp:system_management_homepage:2.1.4.143
-
cpe:2.3:a:hp:system_management_homepage:2.1.5
-
cpe:2.3:a:hp:system_management_homepage:2.1.5-146
-
cpe:2.3:a:hp:system_management_homepage:2.1.5.146
-
cpe:2.3:a:hp:system_management_homepage:2.1.6
-
cpe:2.3:a:hp:system_management_homepage:2.1.6-156
-
cpe:2.3:a:hp:system_management_homepage:2.1.6.156
-
cpe:2.3:a:hp:system_management_homepage:2.1.7
-
cpe:2.3:a:hp:system_management_homepage:2.1.7-168
-
cpe:2.3:a:hp:system_management_homepage:2.1.7.168
-
cpe:2.3:a:hp:system_management_homepage:2.1.8
-
cpe:2.3:a:hp:system_management_homepage:2.1.8-177
-
cpe:2.3:a:hp:system_management_homepage:2.1.8.179
-
cpe:2.3:a:hp:system_management_homepage:2.1.9
-
cpe:2.3:a:hp:system_management_homepage:2.1.9-178
-
cpe:2.3:a:hp:system_management_homepage:2.2.6
-
cpe:2.3:a:hp:system_management_homepage:2.2.8
-
cpe:2.3:a:hp:system_management_homepage:3.0.0
-
cpe:2.3:a:hp:system_management_homepage:3.0.0-68
-
cpe:2.3:a:hp:system_management_homepage:3.0.0.64
-
cpe:2.3:a:hp:system_management_homepage:3.0.1
-
cpe:2.3:a:hp:system_management_homepage:3.0.1-73
-
cpe:2.3:a:hp:system_management_homepage:3.0.1.73
-
cpe:2.3:a:hp:system_management_homepage:3.0.2
-
cpe:2.3:a:hp:system_management_homepage:3.0.2-77
-
cpe:2.3:a:hp:system_management_homepage:3.0.2.77
-
cpe:2.3:a:hp:system_management_homepage:3.2.2
-
cpe:2.3:a:hp:system_management_homepage:3.2.7
-
cpe:2.3:a:hp:system_management_homepage:6.0
-
cpe:2.3:a:hp:system_management_homepage:6.0.0-95
-
cpe:2.3:a:hp:system_management_homepage:6.0.0.96
-
cpe:2.3:a:hp:system_management_homepage:6.1
-
cpe:2.3:a:hp:system_management_homepage:6.1.0-103
-
cpe:2.3:a:hp:system_management_homepage:6.1.0.102
-
cpe:2.3:a:hp:system_management_homepage:6.2.0
-
cpe:2.3:a:hp:system_management_homepage:6.2.2.7
-
cpe:2.3:a:hp:system_management_homepage:6.3.0
-
cpe:2.3:a:hp:system_management_homepage:6.3.1
-
cpe:2.3:a:hp:system_management_homepage:7.0
-
cpe:2.3:a:hp:system_management_homepage:7.1
-
cpe:2.3:a:hp:system_management_homepage:7.2
-
cpe:2.3:a:hp:system_management_homepage:7.2.1
-
cpe:2.3:a:hp:system_management_homepage:7.4.0
-
cpe:2.3:a:hp:system_management_homepage:7.5.3.1
-
cpe:2.3:a:hp:system_management_homepage:7.5.4.3
-
cpe:2.3:a:hp:system_management_homepage:7.5.5.0
-
cpe:2.3:a:oracle:communications_user_data_repository:10.0.0
-
cpe:2.3:a:oracle:communications_user_data_repository:10.0.1
-
cpe:2.3:a:oracle:communications_user_data_repository:12.0.0
-
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2
-
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2
-
cpe:2.3:a:php:php:5.5.0
-
cpe:2.3:a:php:php:5.5.1
-
cpe:2.3:a:php:php:5.5.10
-
cpe:2.3:a:php:php:5.5.11
-
cpe:2.3:a:php:php:5.5.12
-
cpe:2.3:a:php:php:5.5.13
-
cpe:2.3:a:php:php:5.5.14
-
cpe:2.3:a:php:php:5.5.15
-
cpe:2.3:a:php:php:5.5.16
-
cpe:2.3:a:php:php:5.5.17
-
cpe:2.3:a:php:php:5.5.18
-
cpe:2.3:a:php:php:5.5.19
-
cpe:2.3:a:php:php:5.5.2
-
cpe:2.3:a:php:php:5.5.20
-
cpe:2.3:a:php:php:5.5.21
-
cpe:2.3:a:php:php:5.5.22
-
cpe:2.3:a:php:php:5.5.23
-
cpe:2.3:a:php:php:5.5.24
-
cpe:2.3:a:php:php:5.5.25
-
cpe:2.3:a:php:php:5.5.26
-
cpe:2.3:a:php:php:5.5.27
-
cpe:2.3:a:php:php:5.5.28
-
cpe:2.3:a:php:php:5.5.29
-
cpe:2.3:a:php:php:5.5.3
-
cpe:2.3:a:php:php:5.5.30
-
cpe:2.3:a:php:php:5.5.31
-
cpe:2.3:a:php:php:5.5.32
-
cpe:2.3:a:php:php:5.5.33
-
cpe:2.3:a:php:php:5.5.34
-
cpe:2.3:a:php:php:5.5.35
-
cpe:2.3:a:php:php:5.5.36
-
cpe:2.3:a:php:php:5.5.37
-
cpe:2.3:a:php:php:5.5.4
-
cpe:2.3:a:php:php:5.5.5
-
cpe:2.3:a:php:php:5.5.6
-
cpe:2.3:a:php:php:5.5.7
-
cpe:2.3:a:php:php:5.5.8
-
cpe:2.3:a:php:php:5.5.9
-
cpe:2.3:a:php:php:5.6.0
-
cpe:2.3:a:php:php:5.6.1
-
cpe:2.3:a:php:php:5.6.10
-
cpe:2.3:a:php:php:5.6.11
-
cpe:2.3:a:php:php:5.6.12
-
cpe:2.3:a:php:php:5.6.13
-
cpe:2.3:a:php:php:5.6.14
-
cpe:2.3:a:php:php:5.6.15
-
cpe:2.3:a:php:php:5.6.16
-
cpe:2.3:a:php:php:5.6.17
-
cpe:2.3:a:php:php:5.6.18
-
cpe:2.3:a:php:php:5.6.19
-
cpe:2.3:a:php:php:5.6.2
-
cpe:2.3:a:php:php:5.6.20
-
cpe:2.3:a:php:php:5.6.21
-
cpe:2.3:a:php:php:5.6.22
-
cpe:2.3:a:php:php:5.6.23
-
cpe:2.3:a:php:php:5.6.3
-
cpe:2.3:a:php:php:5.6.4
-
cpe:2.3:a:php:php:5.6.5
-
cpe:2.3:a:php:php:5.6.6
-
cpe:2.3:a:php:php:5.6.7
-
cpe:2.3:a:php:php:5.6.8
-
cpe:2.3:a:php:php:5.6.9
-
cpe:2.3:a:php:php:7.0.0
-
cpe:2.3:a:php:php:7.0.1
-
cpe:2.3:a:php:php:7.0.2
-
cpe:2.3:a:php:php:7.0.3
-
cpe:2.3:a:php:php:7.0.4
-
cpe:2.3:a:php:php:7.0.5
-
cpe:2.3:a:php:php:7.0.6
-
cpe:2.3:a:php:php:7.0.7
-
cpe:2.3:a:php:php:7.0.8
-
cpe:2.3:h:hp:storeever_msl6480_tape_library:-
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:fedoraproject:fedora:23
-
cpe:2.3:o:fedoraproject:fedora:24
-
cpe:2.3:o:hp:storeever_msl6480_tape_library_firmware:5.09
-
cpe:2.3:o:opensuse:leap:42.1
-
cpe:2.3:o:oracle:linux:6
-
cpe:2.3:o:oracle:linux:7
-
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
-
cpe:2.3:o:redhat:enterprise_linux_server:6.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0