KB Article | Forcepoint Support

Problem Description

Published Date: September 13, 2016
Last Update: April 4, 2017
KBA Status: Final
KBA Severity: High
CVE Numbers:
CVE-2016-4553
CVE-2016-4554
KBA Summary

The Forcepoint Product Security Incident Response Team is investigating these security vulnerabilities and their impact on Forcepoint products. This article will be updated after assessments and fixes are completed, if applicable.

Host of Troubles (HoT) is a set of vulnerabilities that may affect HTTP implementations which do not comply with RFC 7230, the HTTP/1.1 message syntax standard. The vulnerabilities are exploited by crafting HTTP requests with ambiguous host information, i.e., host details that the source and the destination interpret inconsistently. This can lead to HTTP cache poisoning and bypass of security policies.

Products Under Review

PSIRT has completed its assessments.

Affected Products

Not applicable.

Not Vulnerable

  • Forcepoint URL Filtering (formerly Web Filter & Security) and Web Filter, Web Security
  • Forcepoint Web Security Cloud and Forcepoint Email Security Cloud (formerly TRITON AP-WEB (cloud) and TRITON AP-EMAIL (cloud))
  • Forcepoint Web Security (formerly TRITON AP-WEB (on premises)) and Web Security Gateway

KBA Detailed Information

The following descriptions are from the CVE website:

CVE-2016-4553

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.

CVE-2016-4554

mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
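The ambiguity both CVE descriptions and the HoT summary above turn on is a request whose absolute-URI and Host header disagree, or whose Host header is malformed or duplicated. The following added example (not code from Forcepoint, Squid or the advisory) resolves the effective host the way RFC 7230 section 5.4 requires and reports the ambiguities a security proxy should reject; the sample requests and the helper names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# uri-host [":" port] per RFC 7230 s5.4 / RFC 3986: reg-name, IPv4 or bracketed IPv6.
# Whitespace, control characters or a second value are malformed, not "repairable".
_HOST_RE = re.compile(r"^(?:\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9._~%!$&'()*+,;=-]*)(?::\d*)?$")

# Constructed sample requests (not taken from the advisory or from Squid).
SAMPLE_CLEAN = b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"
SAMPLE_ABSOLUTE_MISMATCH = (b"GET http://example.com/ HTTP/1.1\r\n"
                            b"Host: other.example\r\n\r\n")
SAMPLE_DUPLICATE = b"GET / HTTP/1.1\r\nHost: a.example\r\nHost: b.example\r\n\r\n"
SAMPLE_MALFORMED = b"GET / HTTP/1.1\r\nHost: a.example b.example\r\n\r\n"

def parse_request(raw):
    """Split the head of a raw HTTP/1.1 request into (method, target, headers).
    Header names are lower-cased; values are returned with OWS trimmed only."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip(" \t")))
    return method, target, headers

def effective_host(raw):
    """Return (host, problems): the authority a compliant server or proxy must
    route on, and the ambiguities a security proxy should reject with 400."""
    _method, target, headers = parse_request(raw)
    host_values = [v for n, v in headers if n == "host"]
    problems = []
    # s5.4: exactly one Host header, and it must be a valid uri-host[:port].
    if len(host_values) != 1:
        problems.append("host-header-count=%d" % len(host_values))
    header_host = (host_values[0] if host_values else "").lower()
    if not _HOST_RE.match(header_host):
        problems.append("malformed-host-header")
    if target.lower().startswith(("http://", "https://")):
        # absolute-form: the request-target authority wins and Host is ignored;
        # a Host that disagrees with it is the cache-poisoning primitive.
        host = urlsplit(target).netloc.rpartition("@")[2].lower()
        if header_host != host:
            problems.append("host-header-mismatch")
    else:
        host = header_host
    return host, problems
```

Calling `effective_host(SAMPLE_ABSOLUTE_MISMATCH)` routes on `example.com` from the request-target and reports the disagreeing Host header, which is the behaviour the fixed Squid versions adopt.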

CVE References

Resolution

For convenience, the Resolution section will show the product names used at the time of release.

Workarounds

Not applicable.

Hotfix and Information About Other Fixes

Not applicable.

keywords: vulnerability; cve