CVE-2016-8743

MEDIUM

Description

Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.

References

http://rhn.redhat.com/errata/RHSA-2017-1415.html

http://www.debian.org/security/2017/dsa-3796

http://www.securityfocus.com/bid/95077

http://www.securitytracker.com/id/1037508

https://access.redhat.com/errata/RHSA-2017:0906

https://access.redhat.com/errata/RHSA-2017:1161

https://access.redhat.com/errata/RHSA-2017:1413

https://access.redhat.com/errata/RHSA-2017:1414

https://access.redhat.com/errata/RHSA-2017:1721

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03753en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us

https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-8743

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://security.gentoo.org/glsa/201701-36

https://security.netapp.com/advisory/ntap-20180423-0001/

https://support.apple.com/HT208221

https://www.tenable.com/security/tns-2017-04

Details

Source: MITRE

Published: 2017-07-27

Updated: 2018-04-25

Type: CWE-19

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*

Tenable Plugins

View all (52 total)

ID	Name	Product	Family	Severity
144777	IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.3 Response Splitting (289001)	Nessus	Web Servers	medium
127360	NewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118)	Nessus	NewStart CGSL Local Security Checks	critical
124922	EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419)	Nessus	Huawei Local Security Checks	high
700511	macOS < 10.13 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	critical
98910	Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy)	Web Application Scanning	Component Vulnerability	medium
119218	Virtuozzo 6 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-1721)	Nessus	Virtuozzo Local Security Checks	medium
118291	SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2815-2)	Nessus	SuSE Local Security Checks	medium
117789	openSUSE Security Update : apache2 (openSUSE-2018-1046)	Nessus	SuSE Local Security Checks	medium
117695	SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2815-1)	Nessus	SuSE Local Security Checks	medium
117316	RHEL 6 : JBoss Core Services (RHSA-2017:1414)	Nessus	Red Hat Local Security Checks	high
117315	RHEL 7 : JBoss Core Services (RHSA-2017:1413)	Nessus	Red Hat Local Security Checks	high
112199	SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2554-1)	Nessus	SuSE Local Security Checks	medium
110056	F5 Networks BIG-IP : Apache vulnerability (K00373024)	Nessus	F5 Networks Local Security Checks	medium
108520	Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838)	Nessus	Junos Local Security Checks	critical
104379	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004)	Nessus	MacOS X Local Security Checks	critical
103598	macOS < 10.13 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
103530	HP System Management Homepage < 7.6.1 Multiple Vulnerabilities (HPSBMU03753)	Nessus	Web Servers	medium
102178	Amazon Linux AMI : httpd24 (ALAS-2017-863)	Nessus	Amazon Linux Local Security Checks	high
101488	CentOS 6 : httpd (CESA-2017:1721)	Nessus	CentOS Local Security Checks	medium
101445	Virtuozzo 7 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-0906)	Nessus	Virtuozzo Local Security Checks	medium
101387	Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20170711)	Nessus	Scientific Linux Local Security Checks	medium
101385	RHEL 6 : httpd (RHSA-2017:1721)	Nessus	Red Hat Local Security Checks	medium
101382	Oracle Linux 6 : httpd (ELSA-2017-1721)	Nessus	Oracle Linux Local Security Checks	medium
101044	Tenable SecurityCenter Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (TNS-2017-04) (httpoxy)	Nessus	Misc.	high
101004	Amazon Linux AMI : httpd (ALAS-2017-851)	Nessus	Amazon Linux Local Security Checks	medium
100098	Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : apache2 vulnerabilities (USN-3279-1)	Nessus	Ubuntu Local Security Checks	medium
99952	EulerOS 2.0 SP2 : httpd (EulerOS-SA-2017-1086)	Nessus	Huawei Local Security Checks	medium
99951	EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1085)	Nessus	Huawei Local Security Checks	medium
99930	Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32)	Nessus	Misc.	high
99379	CentOS 7 : httpd (CESA-2017:0906)	Nessus	CentOS Local Security Checks	medium
99350	Scientific Linux Security Update : httpd on SL7.x x86_64 (20170412)	Nessus	Scientific Linux Local Security Checks	medium
99340	RHEL 7 : httpd (RHSA-2017:0906)	Nessus	Red Hat Local Security Checks	medium
99329	Oracle Linux 7 : httpd (ELSA-2017-0906)	Nessus	Oracle Linux Local Security Checks	medium
99155	openSUSE Security Update : apache2 (openSUSE-2017-417)	Nessus	SuSE Local Security Checks	medium
99154	openSUSE Security Update : apache2 (openSUSE-2017-416)	Nessus	SuSE Local Security Checks	medium
99134	macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy)	Nessus	MacOS X Local Security Checks	critical
97916	SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0801-1)	Nessus	SuSE Local Security Checks	medium
97912	SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0797-1)	Nessus	SuSE Local Security Checks	medium
97831	SUSE SLES11 Security Update : apache2 (SUSE-SU-2017:0729-1)	Nessus	SuSE Local Security Checks	medium
97726	Tenable SecurityCenter 5.x < 5.4.3 Multiple Vulnerabilities (TNS-2017-04) (httpoxy)	Nessus	Misc.	medium
97438	Debian DLA-841-2 : apache2 regression update	Nessus	Debian Local Security Checks	medium
97400	Debian DSA-3796-1 : apache2 - security update	Nessus	Debian Local Security Checks	medium
9908	Apache HTTP Server 2.4.x < 2.4.25 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	medium
96631	Amazon Linux AMI : httpd24 (ALAS-2017-785)	Nessus	Amazon Linux Local Security Checks	medium
96516	GLSA-201701-36 : Apache: Multiple vulnerabilities (httpoxy)	Nessus	Gentoo Local Security Checks	medium
96451	Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy)	Nessus	Web Servers	medium
96450	Apache 2.2.x < 2.2.32 Multiple Vulnerabilities (httpoxy)	Nessus	Web Servers	medium
96114	Fedora 24 : httpd (2016-d22f50d985)	Nessus	Fedora Local Security Checks	medium
96111	Fedora 25 : httpd (2016-8d9b62c784)	Nessus	Fedora Local Security Checks	medium
96090	Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2016-358-01) (httpoxy)	Nessus	Slackware Local Security Checks	medium
96037	FreeBSD : Apache httpd -- several vulnerabilities (862d6ab3-c75e-11e6-9f98-20cf30e32f6d) (httpoxy)	Nessus	FreeBSD Local Security Checks	medium
9486	Apache HTTP Server 2.2.x < 2.2.32 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	medium