Apache HTTPD CGI Application “Proxy:” Header Processing


Description: Apache HTTPD CGI Application "Proxy:" Header Processing Flaw Lets Remote Users Redirect the Target CGI Application Requests to an Arbitrary Web Proxy in Certain Cases

On systems where the Apache HTTPD server is configured to proxy HTTP requests and the target CGI application relies on the HTTP_PROXY environment variable in a trusted manner, a remote user can send (or can conduct a man-in-the-middle attack to insert or modify) a specially crafted HTTP "Proxy:" header to cause the target CGI application to proxy HTTP connections to an arbitrary port on an arbitrary server. This can be exploited to set the HTTP_PROXY variable on the target CGI application server and cause CGI application server internal requests to be proxied, in certain cases.

Affected versions: all

Recommended action: The vendor has provided a patch (to 'server/util_script.c') to protect affected applications. The patch is available in the vendor's advisory.
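To make the mechanism in the description concrete, here is an added example (not the advisory's or Apache's code) that models how a CGI gateway maps request headers to HTTP_* environment variables, shows the effect of skipping the "Proxy:" header as the patched server does, and gives a check a CGI application can apply itself; the header values are constructed.

```python
"""Added example: RFC 3875 header-to-environment mapping, unpatched vs. with
the 'Proxy:' header dropped, plus an application-side trust check."""
from typing import Dict, Optional

# Constructed request headers: a client has added a non-standard "Proxy:" header.
SAMPLE_HEADERS = {
    "Host": "app.example.test",
    "User-Agent": "demo/1.0",
    "Proxy": "http://203.0.113.10:8080",  # RFC 5737 documentation address
}

def cgi_meta_variables(headers: Dict[str, str], drop_proxy: bool = False) -> Dict[str, str]:
    """Build the HTTP_* meta-variables the way a CGI gateway does: upper-case the
    header name, replace '-' with '_', prefix 'HTTP_'. With drop_proxy=False a
    'Proxy:' header becomes HTTP_PROXY, which proxy-aware HTTP clients honour;
    with drop_proxy=True the header is skipped (modelled here, not Apache's code)."""
    env = {"REQUEST_METHOD": "GET", "GATEWAY_INTERFACE": "CGI/1.1"}
    for name, value in headers.items():
        if drop_proxy and name.lower() == "proxy":
            continue
        env["HTTP_" + name.upper().replace("-", "_")] = value
    return env

def trusted_http_proxy(env: Dict[str, str]) -> Optional[str]:
    """Proxy setting a CGI application may honour, or None.
    REQUEST_METHOD present means the process runs under CGI, so HTTP_PROXY can
    have come from the request; only lower-case http_proxy, which no request
    header can produce through the mapping above, is trusted in that case."""
    if "REQUEST_METHOD" in env:
        return env.get("http_proxy")
    return env.get("HTTP_PROXY") or env.get("http_proxy")

if __name__ == "__main__":
    unpatched = cgi_meta_variables(SAMPLE_HEADERS)
    patched = cgi_meta_variables(SAMPLE_HEADERS, drop_proxy=True)
    print("unpatched HTTP_PROXY:", unpatched.get("HTTP_PROXY"))
    print("patched   HTTP_PROXY:", patched.get("HTTP_PROXY"))
    print("trusted proxy under CGI:", trusted_http_proxy(unpatched))
```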

Origin URLs:

One thought on “Apache HTTPD CGI Application “Proxy:” Header Processing”

  1. Hi there! This post couldn’t be written any better!
    Reading through this post reminds me of my previous room
    mate! He always kept talking about this.
    I will forward this article to him. Pretty sure he will have a good read.
    Thank you for sharing!
