CVE-2016-5699

Published: 02/09/2016 Updated: 09/02/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) prior to 2.7.10 and 3.x prior to 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

Affected Products

Vendor: Python
Product: Python
Versions: 2.7.9, 3.0, 3.0.1, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.5, 3.3.6, 3.4.0, 3.4.1, 3.4.2, 3.4.3

Vendor Advisories

It was found that Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTP header input in HTTPConnection.putheader(). An attacker could use this flaw to inject additional headers in a Python application that allows user-provided header names or values (CVE-2016-5699). It was found that Python's smtplib library did not ...

Table of Contents: Description • Affected Products and Components • Mitigation and Upgrades • Vulnerability Descriptions and Ratings • Multiple Vulnerabilities in Python (CVE-2016-5636, CVE-2016-5699, CVE-2016-0772) (SPL-128812) • HTTP Request Injection in Splunk Web (SPL-128840). Description: Multiple Vulnerabilities in Python ...

There are multiple vulnerabilities that affect IBM PureApplication System. IBM PureApplication System has addressed vulnerabilities ...

Table of Contents: Description • Affected Products and Components • Mitigation and Upgrades • Vulnerability Descriptions and Ratings • OpenSSL vulnerabilities including SWEET32 addressed by version upgrade to 1.0.1u and 1.0.2j (SPL-129207) • Multiple Vulnerabilities in Python (CVE-2016-5636, CVE-2016-5699, CVE-2016-0772) (SPL-128812) ...

Oracle Solaris Third Party Bulletin - July 2016. Description: The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third-party software that is included in Oracle Solaris distributions. Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Updat ...

Mailing Lists

net/http in Ruby HTTP Header suffers from an injection issue ...

Github Repositories

cve-2016-5699-report: Reading Course Report. This repo references an example. simple-client.py is a Python script that makes HTTP requests to the URL passed as a command-line argument; simple-server.py uses Flask to construct a simple HTTP server that prints the headers of received requests. Set Up: Install virtualenv (pip install virtualenv). Get two versions of Python for comparison, one

CVE-2016-5699-poc: PoC code for the CVE-2016-5699 vulnerability. The poc.py file is a URL sender to receiver.py; receiver.py is a Flask HTTP server that receives headers for testing. Video: youtube/ugUt5iKpcV4. bunseokbot@UpRoot

Code injection and command execution. 1. Built-in dangerous functions: exec, execfile, eval. 2. Dangerous standard-library modules: os, subprocess, commands. 3. Dangerous third-party libraries: Template(user_input): code execution arising from template injection (SSTI); subprocess32. 4. Deserialization: marshal, PyYAML, pickle and cPickle, shelve, PIL, unzip. N ways to escape the Python sandbox; bypassing the Python sandbox when import is disabled; Escaping the Python S