SB2016050802 - Multiple vulnerabilities in SAN Volume Controller, Storwize family and FlashSystem V9000 products 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016050802

SB2016050802 - Multiple vulnerabilities in SAN Volume Controller, Storwize family and FlashSystem V9000 products

Published: May 8, 2016 Updated: July 17, 2023

Security Bulletin ID SB2016050802
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Medium 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Environment variable injection in TYPO3 (CVE-ID: CVE-2016-5385)

The vulnerability allows a remote attacker to redirect an application's outbound HTTP traffic.

The vulnerability exists in TYPO3 CMS. A remote attacker can redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request.

Successful exploitation of this vulnerability may result in XSS attack and data injection.

2) Improper access control (CVE-ID: CVE-2016-5386)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.


3) Httpoxy issue (CVE-ID: CVE-2016-5387)

The vulnerability allows a remote attacker to obtain potentially sensitive information and compromise vulnerable server.

The vulnerability exists due to a design error in multiple implementations of web servers. A remote unauthenticated attacker can use a specially crafted Proxy header in HTTP request to influence HTTP_PROXY environment variable and redirect application’s HTTP traffic to arbitrary proxy server.

Successful exploitation of this vulnerability may allow an attacker to gain unauthorized access to sensitive information and compromise vulnerable server.

This vulnerability is known as httppoxy.


4) Improper access control (CVE-ID: CVE-2016-5388)

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable. A remote attacker can redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.


Remediation

Install update from vendor's website.

References