110 matches found
MiracleLinux 8 : nginx:1.16 (AXSA:2021-2307:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2307:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...
MiracleLinux 7 : rh-nginx116-nginx-1.16.1-6.0.1.el7.AXS7 (AXSA:2021-1875:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1875:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...
Alibaba Cloud Linux 3 : 0016: nginx:1.20 (ALINUX3-SA-2022:0016)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0016 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-9511: Some HTTP/2 implementations...
Alibaba Cloud Linux 3 : 0036: nginx:1.18 (ALINUX3-SA-2021:0036)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0036 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-23017: A security issue in nginx resolver...
ROS-2-576
2.576 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...
Linux Distros Unpatched Vulnerability : CVE-2021-23017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory...
Exploit for Off-by-one Error in F5 Nginx
CVE-2021-23017-POC A security issue in nginx resolver was iden...
Security Bulletin: nginx is vulnerable to CVE-2021-23017 used in IBM Maximo Application Suite - Edge Data Collector Component
Summary IBM Maximo Application Suite - Edge Data Collector Component uses nginx which is vulnerable to CVE-2021-23017. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2021-23017 DESCRIPTION: NGINX could allow a remote attacker to execute...
Rocky Linux 8 : nginx:1.20 (RLSA-2022:0323)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0323 advisory. - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory...
Puppet Enterprise < 2019.8.7 / 2021.x < 2021.2 Nginx Vulnerability
or more information about this vulnerability, refer to the security announcements for CVE-2021-23017 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugi...
Exploit for Off-by-one Error in F5 Nginx
CVE-2021-23017 CVE-2021-23017-PoC python3 poc.py --ta...
Amazon Linux 2 : nginx (ALASNGINX1-2023-003)
The version of nginx installed on the remote host is prior to 1.20.0-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2023-003 advisory. A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot characte...
Important: nginx
Issue Overview: A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote...
Exploit for Off-by-one Error in F5 Nginx
CVE-2021-23017...
ROS-2-566
2.566 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...
ROS-2-1545
2.1545 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...
Oracle GoldenGate Multiple Vulnerabilities (January 2022 CPU)
The version of Oracle GoldenGate installed on the remote host is affected by the following vulnerabilities as noted in the January 2022 CPU advisory : - Vulnerability in Oracle GoldenGate component: Build Request Apache Xerces-C++. The supported version that is affected is Prior to 21.4.0.0.0...
CVE-2021-23017: NGINX Resolver Vulnerability
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. Products Affected. Brocade SANnav - Fixed in Brocade SANnav 2.2.1...
Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking
Juniper Networks has pushed security updates to address several vulnerabilities affecting multiple products, some of which could be exploited to seize control of affected systems. The most critical of the flaws affect Junos Space and Contrail Networking, with the tech company urging customers to...
Nginx 1.20.0 - Denial of Service (DOS)
Exploit Title: Nginx 1.20.0 - Denial of Service DOS Date: 2022-6-29 Exploit Author: Mohammed Alshehri - https://Github.com/M507 Vendor Homepage: https://nginx.org/ Software Link: https://github.com/nginx/nginx/releases/tag/release-1.20.0 Version: 0.6.18 - 1.20.0 Tested on: Ubuntu 18.04.4 LTS bion...