CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

Integer overflow

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

UBUNTU-CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

CVE-2017-20005

CVE-2017-20005 affects NGINX before 1.13.6. It is a buffer overflow in the autoindex module triggered by modification dates with years exceeding four digits (e.g., 1969 or far-future dates), caused by integer overflow. The CVSSv3.1 vector and score indicate CRITICAL severity. Remediation per sour...

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

F5 Nginx 输入验证错误漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 Inc. distributed under the BSD-like protocol. An input validation error vulnerability exists in F5 Nginx versions prior to 1.13.6, which stems from a buffer overflow...

openSUSE: Security Advisory for nginx (openSUSE-SU-2021:0835-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : nginx (openSUSE-2021-835)

This update for nginx fixes the following issues : - CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126 This update was imported from the SUSE:SLE-15-SP1:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

OPENSUSE-SU-2021:0835-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126 This update was imported from the SUSE:SLE-15-SP1:Update update project...

nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE

According to its Server response header, the installed version of nginx is 0.6.18 prior to 1.20.1. It is, therefore, affected by a remote code execution vulnerability. A security issue in nginx resolver was identified, which might allow an unauthenticated remote attacker to cause 1-byte memory...

SUSE SLES15 Security Update : nginx (SUSE-SU-2021:1839-1)

This update for nginx fixes the following issues : CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format...

Security update for nginx (important)

openSUSE Security Update: Security update for nginx Announcement ID: openSUSE-SU-2021:0835-1 Rating: important References: 1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 SUSE: 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 An update th...

SUSE-SU-2021:1839-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126...

Important: nginx

Issue Overview: A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote...

Amazon Linux AMI : nginx (ALAS-2021-1507)

The version of nginx installed on the remote host is prior to 1.18.0-1.43. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1507 advisory. A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character o...

CVE-2021-23021

The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to 644...

CVE-2021-23021

The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to 644...

CVE-2021-23019

The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package...