curl-users

[ curl-Bugs-415391 ] Security issue with HTTP_PROXY

From: <noreply_at_sourceforge.net>
Date: Wed, 11 Apr 2001 07:02:36 -0700

Bugs item #415391, was updated on 2001-04-11 07:02
You can respond by visiting:
http://sourceforge.net/tracker/?func=detail&atid=100976&aid=415391&group_id=976

Category: libcurl
Group: bad behaviour
Status: Open
Priority: 5
Submitted By: Cris Bailiff (crisb)
Assigned to: Daniel Stenberg (bagder)
Summary: Security issue with HTTP_PROXY

Initial Comment:
Curl/libcurl apparently checks HTTP_PROXY for proxy
information for requests.

When curl is used in a webserver application
environment (cgi or php), this environment variable can
be controlled by the web server user by setting the
http header 'Proxy:' to some value.

This can cause 'internal' http/ftp requests to be
arbitrarily redirected by any external attacker.

This issue was recently uncovered in LWP, the perl
library for http, which checks http_proxy in a
case-insensitive manner.

Curl should only check the lower case version of this
variable. This might not be enough on NT.

----------------------------------------------------------------------

Received on 2001-04-11
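
The mechanism in the report above, as an added C example (not part of the original message and not curl's own code): it shows how the CGI convention turns a request header `Proxy:` into the variable `HTTP_PROXY`, and compares a lookup that accepts either case with one that reads only the lower-case `http_proxy`. The function names and the environment values are constructed for illustration.

```c
/* Added example (not curl source): CGI header-to-env mapping and proxy lookup. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* RFC 3875 meta-variable name for a header: "Proxy" -> "HTTP_PROXY"; -1 if out too small. */
int cgi_meta_name(const char *header, char *out, size_t outlen)
{
    size_t n = strlen(header);
    if (outlen < n + 6)            /* "HTTP_" + name + NUL */
        return -1;
    memcpy(out, "HTTP_", 5);
    for (size_t i = 0; i < n; i++)
        out[5 + i] = header[i] == '-' ? '_' : (char)toupper((unsigned char)header[i]);
    out[5 + n] = '\0';
    return 0;
}

/* Exact-case lookup in an envp-style NULL-terminated "NAME=value" array. */
const char *env_get(const char *const envp[], const char *name)
{
    size_t n = strlen(name);
    for (; *envp; envp++)
        if (strncmp(*envp, name, n) == 0 && (*envp)[n] == '=')
            return *envp + n + 1;
    return NULL;
}

/* Behaviour the report warns about: either case is accepted as proxy config. */
const char *proxy_any_case(const char *const envp[])
{
    const char *p = env_get(envp, "http_proxy");
    return p ? p : env_get(envp, "HTTP_PROXY");
}

/* Behaviour the report asks for: only the lower-case name is trusted. */
const char *proxy_lower_only(const char *const envp[])
{
    return env_get(envp, "http_proxy");
}

int main(void)
{
    static const char *const envp[] = {          /* constructed CGI environment */
        "REQUEST_METHOD=GET", "HTTP_PROXY=http://untrusted.example:8080", NULL };
    printf("any-case lookup:   %s\n", proxy_any_case(envp));
    printf("lower-only lookup: %s\n", proxy_lower_only(envp) ? "proxy set" : "(none)");
    return 0;
}
```

On Windows, environment variable names are case-insensitive, so an exact-case lookup does not separate the two names there, which is the NT caveat in the report.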