Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Amazon Linux Local Check: alas-2016-741

Information

Severity

Severity

Critical

Family

Family

Amazon Linux Local Security Checks

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

6 years ago

Modified

Modified

4 years ago

Summary

Amazon Linux Local Security Checks

Insight

Insight

It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request.

Solution

Solution

Run yum update python34 to update your system. Run yum update python27 to update your system. Run yum update python26 to update your system.

Common Vulnerabilities and Exposures (CVE)