Bug 745636 (CVE-2011-3624) - CVE-2011-3624 Ruby WEBrick::HTTPRequest X-Forwarded-* allows arbitrary data
Summary: CVE-2011-3624 Ruby WEBrick::HTTPRequest X-Forwarded-* allows arbitrary data
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-3624
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 809206
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-10-12 21:30 UTC by Kurt Seifried
Modified: 2019-09-29 12:48 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-12-11 08:37:42 UTC


Attachments (Terms of Use)

Comment 1 Kurt Seifried 2011-10-12 21:39:42 UTC
Various methods in WEBrick::HTTPRequest in Ruby 1.9.2-p290 and
1.8.7-p352 and earlier and do not validate the X-Forwarded-For,
X-Forwarded-Host and X-Forwarded-Server headers in requests, which might
allow remote attackers to inject arbitrary text into log files or bypass
intended address parsing via a crafted header.

https://redmine.ruby-lang.org/issues/5418

Rating is low due to limited impact (log file corruption/etc.), exploitation via another user requires man in the middle or control of a web proxy used by the user.


Note You need to log in before you can comment on or make changes to this bug.