|
|
|||
Release Date:2016/08/22
Attack Name:WEB Multiple Products HTTP_PROXY Traffic Redirection (CVE-2016-5386)
Severity:
BUG ID:
CVE ID:
| Description:
|
A traffic redirection vulnerability has been reported in the following products: PHP, Go, Apache HTTP Server, Apache Tomcat, HHVM, Lighttpd, Nginx and Python. This vulnerability allows attackers to set the HTTP_PROXY environment variable using the Proxy HTTP header.
Impact:Information disclosure
Affected System:Windows, Linux, FreeBSD, Solaris, Other Unix
Additional References:CVE-2016-5386
| Solution:
|
Update vendor's patch.