Lucene search

K
freebsdFreeBSD94B6264A-5140-11E3-8B22-F0DEF16C5C1B
HistoryNov 19, 2013 - 12:00 a.m.

nginx -- Request line parsing vulnerability

2013-11-1900:00:00
vuxml.freebsd.org
37

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.954 High

EPSS

Percentile

99.3%

The nginx project reports:

Ivan Fratric of the Google Security Team discovered a bug in nginx, which might
allow an attacker to bypass security restrictions in certain configurations by
using a specially crafted request, or might have potential other impact
(CVE-2013-4547).

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.954 High

EPSS

Percentile

99.3%

Related for 94B6264A-5140-11E3-8B22-F0DEF16C5C1B