Vigil@nce - Zend Framework: spoofing client IP address

November 2013 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can use the X-Forwarded-For header when connecting to
a server with Zend Framework, in order to spoof the IP address of
a legitimate client.

Impacted products: Zend Framework
Severity: 2/4
Creation date: 04/11/2013

DESCRIPTION OF THE VULNERABILITY

The Zend Framework provides two classes to manage the IP address
of a client:
Zend\Http\PhpEnvironment\RemoteAddress
Zend\Session\Validator\RemoteAddr

The HTTP X-Forwarded-For header is used by proxies to indicate the
IP address of their client, because the $_SERVER['REMOTE_ADDR']
variable contains the IP address of the proxy.

However, an attacker (who is not behind a proxy) can add the
X-Forwarded-For header containing the IP address of a client
allowed by RemoteAddress or RemoteAddr.

An attacker can therefore use the X-Forwarded-For header when
connecting to a server with Zend Framework, in order to spoof the
IP address of a legitimate client.
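The PHP below is an added illustration, not code from Zend Framework or from this bulletin: it shows the mitigation, which is to honour X-Forwarded-For only when the TCP peer (REMOTE_ADDR) is a reverse proxy the operator runs, and then to take the rightmost address that is not one of those proxies. The function name, the trusted proxy list and the two request arrays are constructed for the example.

```php
<?php
// Added example (not Zend Framework code): resolve the client IP so that
// X-Forwarded-For is trusted only when it was set by one of our proxies.

/**
 * @param array    $server         $_SERVER-style array (constructed below)
 * @param string[] $trustedProxies addresses of the reverse proxies we operate
 */
function resolveClientIp(array $server, array $trustedProxies): string
{
    $remoteAddr = $server['REMOTE_ADDR'] ?? '';
    // No proxy configured, or the peer is not one of ours: the header is
    // attacker-controlled, so ignore it and use the TCP peer address.
    if ($trustedProxies === [] || !in_array($remoteAddr, $trustedProxies, true)) {
        return $remoteAddr;
    }
    $header = $server['HTTP_X_FORWARDED_FOR'] ?? '';
    if ($header === '') {
        return $remoteAddr;
    }
    // X-Forwarded-For reads "client, proxy1, proxy2, ...": each proxy appends
    // the peer it saw. Walk from the right, skipping our own proxies; the
    // first other address is what the outermost trusted proxy saw. Anything
    // further left was supplied by the client and must not be believed.
    $hops = array_map('trim', explode(',', $header));
    for ($i = count($hops) - 1; $i >= 0; $i--) {
        if (!in_array($hops[$i], $trustedProxies, true)) {
            return filter_var($hops[$i], FILTER_VALIDATE_IP) !== false
                ? $hops[$i]
                : $remoteAddr;
        }
    }
    // Every hop was one of our proxies; fall back to the peer address.
    return $remoteAddr;
}

// Constructed requests: a direct connection carrying a forged header, and a
// request relayed by our proxy at 10.0.0.5 whose client also sent a forged
// entry that the proxy then appended its own observation to.
$trusted = ['10.0.0.5'];
$direct  = ['REMOTE_ADDR' => '203.0.113.9',
            'HTTP_X_FORWARDED_FOR' => '192.0.2.10'];
$relayed = ['REMOTE_ADDR' => '10.0.0.5',
            'HTTP_X_FORWARDED_FOR' => '192.0.2.10, 198.51.100.7'];
echo "direct:  ", resolveClientIp($direct, $trusted), "\n";  // peer, header ignored
echo "relayed: ", resolveClientIp($relayed, $trusted), "\n"; // address the proxy saw
```

The same resolver can feed a session validator such as RemoteAddr, so that a session is bound to the address the proxy observed rather than to a header value the client chose.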

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Zend-Framework-spoofing-client-IP-address-13689
