CVE-2016-8743

MEDIUM

Description

Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.
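To make the defensive side of this concrete, here is an added example (written for this page, not httpd's own parser) of a request-head validator that accepts only the whitespace RFC 7230 permits: a single SP between request-line tokens, no whitespace between a field-name and its colon, only SP/HTAB inside field values, and CRLF-only line ends. Every hop in a proxy chain that applies the same rule parses the message identically, which is what removes the smuggling and splitting ambiguity the description refers to; the sample requests and the `.test` hostname are constructed.

```python
import re
# RFC 7230 "token" characters: no whitespace, no separators (helper written for this example)
TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
# field-value: printable bytes with SP / HTAB as the only whitespace, OWS allowed around it
FIELD_VALUE = re.compile(
    r"^[ \t]*(?:[\x21-\x7e\x80-\xff]+(?:[ \t]+[\x21-\x7e\x80-\xff]+)*)?[ \t]*$")

def strict_request_head(raw: bytes):
    """Return (True, 'ok') if the request head uses only the whitespace RFC 7230
    permits, else (False, reason). Only the whitespace / line-ending rules that
    matter for this advisory are checked, not full HTTP semantics."""
    if not raw.endswith(b"\r\n\r\n"):
        return False, "head must end with CRLF CRLF"
    head = raw[:-4].decode("latin-1")
    stripped = head.replace("\r\n", "")
    if "\r" in stripped or "\n" in stripped:
        # A bare CR or LF is where two parsers most easily disagree on line ends
        return False, "bare CR or LF inside head"
    request_line, *headers = head.split("\r\n")
    parts = request_line.split(" ")
    if len(parts) != 3 or not all(parts):
        # Rejects HTAB, double SP or leading SP between request-line tokens
        return False, "request-line must be METHOD SP target SP version"
    method, target, version = parts
    if not TOKEN.match(method):
        return False, f"method is not a token: {method!r}"
    if re.search(r"[\x00-\x20\x7f]", target):
        return False, "whitespace or control character in request-target"
    if not re.fullmatch(r"HTTP/\d\.\d", version):
        return False, f"malformed HTTP-version: {version!r}"
    for line in headers:
        name, sep, value = line.partition(":")
        if not sep:
            return False, f"header line without colon: {line!r}"
        if not TOKEN.match(name):
            # Rejects 'Host :' -- whitespace between field-name and colon
            return False, f"invalid field-name: {name!r}"
        if not FIELD_VALUE.match(value):
            return False, f"disallowed whitespace/control in value of {name}"
    return True, "ok"

SAMPLES = {  # constructed sample request heads, not captured traffic
    "good": b"GET /index.html HTTP/1.1\r\nHost: example.test\r\nContent-Length: 0\r\n\r\n",
    "tab_in_request_line": b"GET\t/index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    "space_before_colon": b"GET / HTTP/1.1\r\nHost : example.test\r\n\r\n",
    "bare_lf_line_end": b"GET / HTTP/1.1\r\nHost: example.test\nX-Note: a\r\n\r\n",
    "vt_in_field_value": b"GET / HTTP/1.1\r\nHost: exam\x0bple.test\r\n\r\n",
}
if __name__ == "__main__":
    for label, req in SAMPLES.items():
        print(f"{label:22} -> {strict_request_head(req)}")
```

Only the first sample passes; each of the other four is rejected with the reason shown, which is the class of lenient-but-forwarded input the fixed releases stopped accepting.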

References

http://rhn.redhat.com/errata/RHSA-2017-1415.html

http://www.debian.org/security/2017/dsa-3796

http://www.securityfocus.com/bid/95077

http://www.securitytracker.com/id/1037508

https://access.redhat.com/errata/RHSA-2017:0906

https://access.redhat.com/errata/RHSA-2017:1161

https://access.redhat.com/errata/RHSA-2017:1413

https://access.redhat.com/errata/RHSA-2017:1414

https://access.redhat.com/errata/RHSA-2017:1721

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03753en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us

https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-8743

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://security.gentoo.org/glsa/201701-36

https://security.netapp.com/advisory/ntap-20180423-0001/

https://support.apple.com/HT208221

https://www.tenable.com/security/tns-2017-04

Details

Source: MITRE

Published: 2017-07-27

Updated: 2021-03-30

Type: CWE-19

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

52 total

ID | Name | Product | Family | Severity
144777 | IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.3 Response Splitting (289001) | Nessus | Web Servers | medium
127360 | NewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118) | Nessus | NewStart CGSL Local Security Checks | critical
124922 | EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419) | Nessus | Huawei Local Security Checks | high
700511 | macOS < 10.13 Multiple Vulnerabilities | Nessus Network Monitor | Operating System Detection | critical
98910 | Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy) | Web Application Scanning | Component Vulnerability | medium
119218 | Virtuozzo 6 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-1721) | Nessus | Virtuozzo Local Security Checks | medium
118291 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2815-2) | Nessus | SuSE Local Security Checks | medium
117789 | openSUSE Security Update : apache2 (openSUSE-2018-1046) | Nessus | SuSE Local Security Checks | medium
117695 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2815-1) | Nessus | SuSE Local Security Checks | medium
117316 | RHEL 6 : JBoss Core Services (RHSA-2017:1414) | Nessus | Red Hat Local Security Checks | high
117315 | RHEL 7 : JBoss Core Services (RHSA-2017:1413) | Nessus | Red Hat Local Security Checks | high
112199 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2554-1) | Nessus | SuSE Local Security Checks | medium
110056 | F5 Networks BIG-IP : Apache vulnerability (K00373024) | Nessus | F5 Networks Local Security Checks | medium
108520 | Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838) | Nessus | Junos Local Security Checks | critical
104379 | macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004) | Nessus | MacOS X Local Security Checks | critical
103598 | macOS < 10.13 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical
103530 | HP System Management Homepage < 7.6.1 Multiple Vulnerabilities (HPSBMU03753) | Nessus | Web Servers | medium
102178 | Amazon Linux AMI : httpd24 (ALAS-2017-863) | Nessus | Amazon Linux Local Security Checks | high
101488 | CentOS 6 : httpd (CESA-2017:1721) | Nessus | CentOS Local Security Checks | medium
101445 | Virtuozzo 7 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-0906) | Nessus | Virtuozzo Local Security Checks | medium
101387 | Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20170711) | Nessus | Scientific Linux Local Security Checks | medium
101385 | RHEL 6 : httpd (RHSA-2017:1721) | Nessus | Red Hat Local Security Checks | medium
101382 | Oracle Linux 6 : httpd (ELSA-2017-1721) | Nessus | Oracle Linux Local Security Checks | medium
101044 | Tenable SecurityCenter Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) | Nessus | Misc. | high
101004 | Amazon Linux AMI : httpd (ALAS-2017-851) | Nessus | Amazon Linux Local Security Checks | medium
100098 | Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : apache2 vulnerabilities (USN-3279-1) | Nessus | Ubuntu Local Security Checks | medium
99952 | EulerOS 2.0 SP2 : httpd (EulerOS-SA-2017-1086) | Nessus | Huawei Local Security Checks | medium
99951 | EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1085) | Nessus | Huawei Local Security Checks | medium
99930 | Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32) | Nessus | Misc. | high
99379 | CentOS 7 : httpd (CESA-2017:0906) | Nessus | CentOS Local Security Checks | medium
99350 | Scientific Linux Security Update : httpd on SL7.x x86_64 (20170412) | Nessus | Scientific Linux Local Security Checks | medium
99340 | RHEL 7 : httpd (RHSA-2017:0906) | Nessus | Red Hat Local Security Checks | medium
99329 | Oracle Linux 7 : httpd (ELSA-2017-0906) | Nessus | Oracle Linux Local Security Checks | medium
99155 | openSUSE Security Update : apache2 (openSUSE-2017-417) | Nessus | SuSE Local Security Checks | medium
99154 | openSUSE Security Update : apache2 (openSUSE-2017-416) | Nessus | SuSE Local Security Checks | medium
99134 | macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy) | Nessus | MacOS X Local Security Checks | critical
97916 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0801-1) | Nessus | SuSE Local Security Checks | medium
97912 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0797-1) | Nessus | SuSE Local Security Checks | medium
97831 | SUSE SLES11 Security Update : apache2 (SUSE-SU-2017:0729-1) | Nessus | SuSE Local Security Checks | medium
97726 | Tenable SecurityCenter 5.x < 5.4.3 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) | Nessus | Misc. | medium
97438 | Debian DLA-841-2 : apache2 regression update | Nessus | Debian Local Security Checks | medium
97400 | Debian DSA-3796-1 : apache2 - security update | Nessus | Debian Local Security Checks | medium
9908 | Apache HTTP Server 2.4.x < 2.4.25 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | medium
96631 | Amazon Linux AMI : httpd24 (ALAS-2017-785) | Nessus | Amazon Linux Local Security Checks | medium
96516 | GLSA-201701-36 : Apache: Multiple vulnerabilities (httpoxy) | Nessus | Gentoo Local Security Checks | medium
96451 | Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy) | Nessus | Web Servers | medium
96450 | Apache 2.2.x < 2.2.32 Multiple Vulnerabilities (httpoxy) | Nessus | Web Servers | medium
96114 | Fedora 24 : httpd (2016-d22f50d985) | Nessus | Fedora Local Security Checks | medium
96111 | Fedora 25 : httpd (2016-8d9b62c784) | Nessus | Fedora Local Security Checks | medium
96090 | Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2016-358-01) (httpoxy) | Nessus | Slackware Local Security Checks | medium
96037 | FreeBSD : Apache httpd -- several vulnerabilities (862d6ab3-c75e-11e6-9f98-20cf30e32f6d) (httpoxy) | Nessus | FreeBSD Local Security Checks | medium
9486 | Apache HTTP Server 2.2.x < 2.2.32 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | medium