CVE-2016-5699

CVSS V2: Medium (4.3)
CVSS V3: Medium (6.1)
Description
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
Overview
  • CVE ID: CVE-2016-5699
  • Assigner: secalert@redhat.com
  • Vulnerability Status: Modified
  • Published Date: 2016-09-02T14:59:07
  • Last Modified Date: 2023-02-12T23:24:30
CPE Configuration (Product)
CPE                                            Vulnerable  Operator  Version Start  Version End
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*        1           OR        -              2.7.9
cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*      1           OR        -              -
cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.1.0:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*    1           OR        -              -
cpe:2.3:a:python:python:3.4.3:*:*:*:*:*:*:*    1           OR        -              -
CVSS Version 2
  • Version: 2.0
  • Vector String: AV:N/AC:M/Au:N/C:N/I:P/A:N
  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
  • Base Score: 4.3
  • Severity: MEDIUM
  • Exploitability Score: 8.6
  • Impact Score: 2.9
CVSS Version 3
  • Version: 3.0
  • Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: REQUIRED
  • Scope: CHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: LOW
  • Availability Impact: NONE
  • Base Score: 6.1
  • Base Severity: MEDIUM
  • Exploitability Score: 2.8
  • Impact Score: 2.7
References
Reference URL (followed by reference tags, where assigned)
http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html Exploit Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://rhn.redhat.com/errata/RHSA-2016-1626.html
http://rhn.redhat.com/errata/RHSA-2016-1627.html
http://rhn.redhat.com/errata/RHSA-2016-1628.html
http://rhn.redhat.com/errata/RHSA-2016-1629.html
http://rhn.redhat.com/errata/RHSA-2016-1630.html
http://www.openwall.com/lists/oss-security/2016/06/14/7 Mailing List
http://www.openwall.com/lists/oss-security/2016/06/15/12 Mailing List
http://www.openwall.com/lists/oss-security/2016/06/16/2 Mailing List
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
http://www.securityfocus.com/bid/91226
http://www.splunk.com/view/SP-CAAAPSV
http://www.splunk.com/view/SP-CAAAPUE
https://access.redhat.com/errata/RHSA-2016:1626
https://access.redhat.com/errata/RHSA-2016:1627
https://access.redhat.com/errata/RHSA-2016:1628
https://access.redhat.com/errata/RHSA-2016:1629
https://access.redhat.com/errata/RHSA-2016:1630
https://access.redhat.com/security/cve/CVE-2016-5699
https://bugzilla.redhat.com/show_bug.cgi?id=1303699
https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4 Release Notes
https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS Release Notes
https://hg.python.org/cpython/rev/1c45047c5102 Patch
https://hg.python.org/cpython/rev/bf3e1c9b80e9 Patch
https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html
History
Each entry lists the time the change was recorded, the field that changed, and the old and new values where the tracker kept them.
  • 2022-05-10 07:59:02: Added to TrackCVE
  • 2022-12-02 10:59:31: CVE Published Date updated (old value 2016-09-02T14:59Z, new value 2016-09-02T14:59:07)
  • 2022-12-02 10:59:31: CVE Modified Date updated (2019-02-09T11:29:01)
  • 2022-12-02 10:59:31: Vulnerability Status updated (Modified)
  • 2023-02-02 23:05:36: CVE Modified Date updated (2023-02-02T21:17:14)
  • 2023-02-02 23:05:36: Description updated
    Old value: CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
    New value: It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values.
  • 2023-02-02 23:05:41: References updated
  • 2023-02-13 01:06:41: CVE Modified Date updated (2023-02-12T23:24:30)
  • 2023-02-13 01:06:41: Description updated
    Old value: It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values.
    New value: CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.