6246 matches found
openSUSE Security Update : nginx (openSUSE-2018-316)
This update for nginx to version 1.13.9 fixes the following issues: - CVE-2017-7529: nginx: Integer overflow in nginx range filter module allowed memory disclosure bsc1048265 This update also contains all updates and improvements in 1.13.9 upstream release...
OPENSUSE-SU-2018:0813-1 Security update for nginx
This update for nginx to version 1.13.9 fixes the following issues: - CVE-2017-7529: nginx: Integer overflow in nginx range filter module allowed memory disclosure bsc1048265 This update also contains all updates and improvements in 1.13.9 upstream release...
ModSecurity For Nginx Use-After-Free
Hey, TL;DR: UAF in a "non-release" version of ModSecurity for Nginx. !RCE|DoS, no need to panic. Plus some old and even older exploitation vectors. / 1. Use-After-Free UAF / During one of the engagements my team tested a WAF running in production Nginx + ModSecurity + OWASP Core Rule Set 123. In...
ModSecurity WAF 3.0 for Nginx - Denial of Service
Use-After-Free UAF During one of the engagements my team tested a WAF running in production Nginx + ModSecurity + OWASP Core Rule Set 123. In the system logs I found information about the Nginx worker processes being terminated due to memory corruption errors. Through fuzzing and stress testing...
SUSE Portus NGINX Djelibeybi configuration examples SSL Certificate Validation Vulnerability
SUSE Portus is an open source licensed service interface for the next generation of Docker registries, used to manage Docker registries. NGINX is a reverse proxy used in it. The Djelibeybi configuration examples are one set of its NGINX configuration examples. A security vulnerability exists in Djelibeybi...
Input validation
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl directives are used...
CVE-2018-8059
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl directives are used...
CVE-2018-8059
CVE-2018-8059 concerns the Djelibeybi-based NGINX configurations used with SUSE Portus 2.3. The connected documents indicate the issue arises from a missing SSL certificate validation mechanism due to the absence of proxy_ssl_* directives in the relevant Djelibeybi configuration examples applied ...
nginx < 0.7.63 / 0.8.x < 0.8.17 Directory Traversal
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 0.7.63 or 0.8.x prior to 0.8.17. It is, therefore, affected by a directory traversal vulnerability as noted in the vendor advisory...
nginx < 0.7.67 / 0.8.x < 0.8.41 DoS
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 0.7.67 or 0.8.x prior to 0.8.41. It is, therefore, affected by a remote denial of service (DoS) vulnerability as noted in the vendor advisory...
nginx < 1.8.1 / 1.9.x < 1.9.10 Multiple Vulnerabilities
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 1.8.1 or 1.9.x prior to 1.9.10. It is, therefore, affected by multiple vulnerabilities as noted in the vendor advisory...
nginx < 0.7.66 / 0.8.x < 0.8.40 Information Disclosure
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 0.7.66 or 0.8.x prior to 0.8.40. It is, therefore, affected by a source code information disclosure vulnerability as noted in the vendor advisory...
nginx < 0.7.64 / 0.8.x < 0.8.23 Multiple Vulnerabilities
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 0.7.64 or 0.8.x prior to 0.8.23. It is, therefore, affected by multiple vulnerabilities as noted in the vendor advisory...
Arista Networks EOS ngx_chain_to_iovec NULL Pointer Dereference DoS (SA0021)
The version of Arista Networks EOS running on the remote device is affected by a denial of service vulnerability in NGINX due to a NULL pointer dereference flaw in the ngx_chain_to_iovec function within file os/unix/ngx_files.c when handling specially crafted requests. An unauthenticated, remote...
QIWI: Information Disclosure on id.rapida.ru
Hi, Path disclosure occurs at id.rapida.ru/dp.php Steps to reproduce: 1 Go to https://id.rapida.ru/login 2 Try to log in via phone, expecting an SMS code. 3 Try entering an invalid SMS code (any) 4 In the response you can see the paths HTTP/1.1 200 OK Server: nginx Date:...
Numbers game: Exploring an Integer Overflow vulnerability in the popular nginx web server.
By @aLLy , Wallarm Research There was a very interesting vulnerability discovered in nginx, one of the most popular web/proxy/load balancing servers. This vulnerability leaks information about the application behind the nginx proxy. For example, a specially formed request can retrieve information...
vulners.com: [vulners.com] nginx alias_traversal
Incorrect configuration of alias could allow an attacker to read files stored outside the target folder. https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md The vulnerability is only present in the http configuration; it does not occur over https. Example: http GET /static../monit/COPYING HTTP/1.1 Host:...
Coalition, Inc.: Non-Cloudflare IPs allowed to access origin servers
Hello Security Team, Summary: Like report 255978, it is possible to access origin servers served by nginx and not Cloudflare. Description: Even though these IPs don't serve a functional version of the app, it is possible to enable DDoS attacks by bypassing Cloudflare protections. Steps To Reproduc...