16 matches found
MiracleLinux 4 : python-twisted-web-8.2.0-5.AXS4 (AXSA:2016-689:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-689:01 advisory. Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Pytho...
BELL-CVE-2016-1000111 CVE-2016-1000111 does not affect BellSoft software
Bulletin has no description...
Mageia: Security Advisory (MGASA-2016-0340)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0114-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-1000111
creationtimestamp| type| source ---|---|--- 2020-03-11 23:32:08+00:00| seen| https://t.me/cibsecurity/10461...
CVE-2016-1000111
CVE-2016-1000111 affects Twisted before 16.3.1, where the Proxy header can initialize HTTP_PROXY for CGI scripts, enabling potential redirection of outbound traffic to an attacker-controlled proxy (httpoxy). Connected advisories (e.g., Red Hat RHSA-2018:0273, SUSE SUSE-SU-2017:0114-1, Ubuntu USN-...
SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2017:0114-1)
This update for python-Twisted fixes the following issues : - CVE-2016-1000111: sets environmental variable HTTPPROXY based on user supplied Proxy request header bsc989997 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
Important: Red Hat Security Advisory: Red Hat Satellite 6 security, bug fix, and enhancement update
An update is now available for Red Hat Satellite 6.2 for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
openSUSE Security Update : python-Twisted (openSUSE-2016-1482)
This update for python-Twisted fixes the following issues : - No longer automatically export the httpproxy environment variable to avoid the proxy being trusted by unaware applications, if a Proxy request header is supplied boo989997, CVE-2016-1000111 %NASLMINLEVEL 70300 C Tenable Network Securit...
RedHat Update for python-twisted-web RHSA-2016:1978-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for python-twisted-web CESA-2016:1978 centos6
Check the version of python-twisted-web SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882570";...
CentOS Update for python-twisted-web CESA-2016:1978 centos7
Check the version of python-twisted-web SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882568";...
CentOS 6 / 7 : python-twisted-web (CESA-2016:1978)
An update for python-twisted-web is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Oracle Linux 6 / 7 : python-twisted-web (ELSA-2016-1978)
The remote Oracle Linux 6 / 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2016-1978 advisory. 8.2.0-5 - Rebase HTTPoxy patch and bump release for rebuild Resolves: rhbz1358789 8.2.0-4 - Fix HTTPoxy CVE-2016-1000111 Resolves: rhbz1358789 Tenable has...
python-twisted-web security update
8.2.0-5 - Rebase HTTPoxy patch and bump release for rebuild Resolves: rhbz1358789 8.2.0-4 - Fix HTTPoxy CVE-2016-1000111 Resolves: rhbz1358789...
CVE-2016-1000111
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI application's outbou...