HTTPoxy: Threatening the security of CGI applications
Fifteen years after the discovery of the security flaw HTTPoxy, it’s still an issue with CGI applications. The reason for this is the fact that the Common Gateway Interface standard provides the use of environment variables to process HTTP requests. These can include header contents that modify the original proxy configuration, allowing hackers to redirect data packets to a completely foreign...