FreeBSD : Multiple ports -- Proxy HTTP header vulnerability (httpoxy) (cf0b5668-4d1b-11e6-b2ec-b499baebfeaf)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description : reports :

httpoxy is a set of vulnerabilities that affect application code
running in CGI, or CGI-like environments. It comes down to a simple
namespace conflict:.

- RFC 3875 (CGI) puts the HTTP Proxy header from a request into the
environment variables as HTTP_PROXY

- HTTP_PROXY is a popular environment variable used to configure an
outgoing proxy

This leads to a remotely exploitable vulnerability.

See also :

Solution :

Update the affected packages.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 92395 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now