阿里云漏洞库

低危在HTTP标头中的冒号之前，通过错误处理的空白走私HTTP请求

CVE编号

CVE-2019-16869

利用情况

暂无

补丁情况

官方补丁

披露时间

2019-09-27

漏洞描述

在4.1.42.Final之前的Netty最终在HTTP标头（例如“ Transfer-Encoding：chunked”行）中冒号之前的空格错误处理，这会导致HTTP请求走私。

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://access.redhat.com/errata/RHSA-2019:3892
https://access.redhat.com/errata/RHSA-2019:3901
https://access.redhat.com/errata/RHSA-2020:0159
https://access.redhat.com/errata/RHSA-2020:0160
https://access.redhat.com/errata/RHSA-2020:0161
https://access.redhat.com/errata/RHSA-2020:0164
https://access.redhat.com/errata/RHSA-2020:0445
https://github.com/netty/netty/compare/netty-4.1.41.Final...netty-4.1.42.Final
https://github.com/netty/netty/issues/9571
https://lists.apache.org/thread.html/0acadfb96176768caac79b404110df62d14d30aa...
https://lists.apache.org/thread.html/19fed892608db1efe5a5ce14372137669ff639df...
https://lists.apache.org/thread.html/2494a2ac7f66af6e4646a4937b17972a4ec7cd3c...
https://lists.apache.org/thread.html/2e1cf538b502713c2c42ffa46d81f4688edb5676...
https://lists.apache.org/thread.html/35961d1ae00849974353a932b4fef12ebce07454...
https://lists.apache.org/thread.html/37ed432b8eb35d8bd757f53783ec3e334bd51f51...
https://lists.apache.org/thread.html/380f6d2730603a2cd6b0a8bea9bcb21a86c19914...
https://lists.apache.org/thread.html/3e6d7aae1cca10257e3caf2d69b22f74c875f12a...
https://lists.apache.org/thread.html/51923a9ba513b2e816e02a9d1fd8aa6f12e3e4e9...
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d...
https://lists.apache.org/thread.html/6063699b87b501ecca8dd3b0e82251bfc85f2936...
https://lists.apache.org/thread.html/64b10f49c68333aaecf00348c5670fe182e49fd6...
https://lists.apache.org/thread.html/681493a2f9b63f5b468f741d88d1aa51b2cfcf7a...
https://lists.apache.org/thread.html/6e1e34c0d5635a987d595df9e532edac21230724...
https://lists.apache.org/thread.html/76540c8b0ed761bfa6c81fa28c13057f13a5448a...
https://lists.apache.org/thread.html/799eb85d67cbddc1851a3e63a07b55e95b2f44f1...
https://lists.apache.org/thread.html/860acce024d79837e963a51a42bab2cef8e8d017...
https://lists.apache.org/thread.html/9128111213b7b734ffc85db08d8f789b00a85a7f...
https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b...
https://lists.apache.org/thread.html/a0f77c73af32cbe4ff0968bfcbbe80ae6361f3dc...
https://lists.apache.org/thread.html/af6e9c2d716868606523857a4cd7a5ee506e6d17...
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a...
https://lists.apache.org/thread.html/b264fa5801e87698e9f43f2b5585fbc5ebdc26c6...
https://lists.apache.org/thread.html/b2cd51795f938632c6f60a4c59d9e587fbacd7f7...
https://lists.apache.org/thread.html/b3dda6399a0ea2b647624b899fd330fca81834e4...
https://lists.apache.org/thread.html/b3ddeebbfaf8a288d7de8ab2611cf2609ab76b98...
https://lists.apache.org/thread.html/bdf7a5e597346a75d2d884ca48c767525e35137a...
https://lists.apache.org/thread.html/cbf6e6a04cb37e9320ad20e437df63beeab1755f...
https://lists.apache.org/thread.html/cf5aa087632ead838f8ac3a42e9837684e7afe6e...
https://lists.apache.org/thread.html/d14f721e0099b914daebe29bca199fde85d83542...
https://lists.apache.org/thread.html/d3eb0dbea75ef5c400bd49dfa1901ad50be606cc...
https://lists.apache.org/thread.html/d7d530599dc7813056c712213e367b68cdf56fb5...
https://lists.apache.org/thread.html/e192fe8797c192679759ffa6b15e4d0806546945...
https://lists.apache.org/thread.html/e39931d7cdd17241e69a0a09a89d99d7435bcc59...
https://lists.apache.org/thread.html/ee6faea9e542c0b90afd70297a9daa203e20d41a...
https://lists.apache.org/thread.html/f6c5ebfb018787c764f000362d59e4b231c0a36b...
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34...
https://lists.apache.org/thread.html/r0aa8b28e76ec01c697b15e161e6797e88fc8d40...
https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06...
https://lists.apache.org/thread.html/r131e572d003914843552fa45c4398b9903fb741...
https://lists.apache.org/thread.html/r3225f7dfe6b8a37e800ecb8e31abd7ac6c4312d...
https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410...
https://lists.apache.org/thread.html/r73c400ab66d79821dec9e3472f0e2c048d52867...
https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb684609842...
https://lists.apache.org/thread.html/r831e0548fad736a98140d0b3b7dc575af0c50fa...
https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74...
https://lists.apache.org/thread.html/r8402d67fdfe9cf169f859d52a7670b28a08eff3...
https://lists.apache.org/thread.html/r86befa74c5cd1482c711134104aec339bf7ae87...
https://lists.apache.org/thread.html/r90030b0117490caed526e57271bf4d7f9b01209...
https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006c...
https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd...
https://lists.apache.org/thread.html/rb25b42f666d2cac5e6e6b3f771faf60d1f1aa58...
https://lists.apache.org/thread.html/rb3361f6c6a5f834ad3db5e998c352760d393c08...
https://lists.apache.org/thread.html/rc7eb5634b71d284483e58665b22bf274a69bd18...
https://lists.apache.org/thread.html/rc8d554aad889d12b140d9fd7d2d6fc2e8716e97...
https://lists.apache.org/thread.html/rcb2c59428f34d4757702f9ae739a8795bda7bea...
https://lists.apache.org/thread.html/rcddf723a4b4117f8ed6042e9ac25e8c5110a617...
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2...
https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33...
https://lists.apache.org/thread.html/rdd5d243a5f8ed8b83c0104e321aa420e5e98792...
https://lists.apache.org/thread.html/re0b78a3d0a4ba2cf9f4e14e1d05040bde9051d5...
https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd...
https://lists.apache.org/thread.html/re78eaef7d01ad65c370df30e45c686fffff00b3...
https://lists.apache.org/thread.html/rf2bf8e2eb0a03227f5bc100b544113f8cafea01...
https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2...
https://lists.debian.org/debian-lts-announce/2019/09/msg00035.html
https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00004.html
https://seclists.org/bugtraq/2020/Jan/6
https://usn.ubuntu.com/4532-1/
https://www.debian.org/security/2020/dsa-4597

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	netty	netty	*		Up to (excluding) 4.1.42
	运行在以下环境
	系统	debian_10	netty	*		Up to (excluding) 4.1.33-1+deb10u1
	运行在以下环境
	系统	debian_11	netty	*		Up to (excluding) 4.1.33-2
	运行在以下环境
	系统	debian_12	netty	*		Up to (excluding) 4.1.33-2

攻击路径

远程
攻击复杂度

复杂
权限要求

无需权限
影响范围

有限影响
EXP成熟度

未验证
补丁情况

官方补丁
数据保密性

无影响
数据完整性

无影响
服务器危害

无影响
全网数量

100

CWE-ID	漏洞类型
CWE-444	HTTP请求的解释不一致性（HTTP请求私运）

低危 在HTTP标头中的冒号之前，通过错误处理的空白走私HTTP请求

漏洞描述

解决建议

参考链接

受影响软件情况

低危在HTTP标头中的冒号之前，通过错误处理的空白走私HTTP请求