nginx HTTP Request Header Remote Buffer Overflow

The remote host is running a version of nginx web server earlier than 0.5.38, 0.6.39, or 0.7.62. Such versions are potentially affected by a remote denial of service vulnerability because the application fails to to perform adequate bounds checking in the ‘ngx_http_process_request_headers()’ function of the ‘src/http/ngx_http_request.c’ source file. An attacker, exploiting this flaw, can cause the web server to crash, or potentially run arbitrary code subject to the privileges of the web server process.