Dan on Security

HTTPoxy - Web/CGI Data Leakage Vulnerability HTTPoxy - Web/CGI Data Leakage Vulnerability (nakedsecurity.sophos.com)

Httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict: - RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY
- HTTP_PROXY is a popular environment variable used to configure an outgoing proxy

This means that if you send any requests from your web server to a CGI engine such as PHP (php-fpm, mod_php), you might be at risk of data leakage as an attacher could easily rewrite the http_proxy environment variable used by the CGI application to send an internal connection through a malicious server.

Fortunately this is easy to patch (simply block the Proxy header) on the web server, e.g:
- NGINX: fastcgi_param HTTP_PROXY "";
- Apache: RequestHeader unset Proxy early
- Others

submitted by daniel over 4 years ago, voted 0 times

Open | 1 comments

sort: new | voted | magic | mine

Tags
vulnerability (12)
ssl (6)
dns (4)
ios (3)
certificates (3)
superfish (3)
android (3)
china (3)
car (2)
hacking (2)
encryption (2)
tls (2)
mac (2)
hack (2)
malware (2)
rails (2)
car (2)
hacking (2)
pegasus (1)
trident (1)

Functions
- Render: new | old