MGASA-2013-0349 Updated nginx packages fix CVE-2013-4547

Updated nginx package fixes security vulnerability: Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request, or might have potential other impact CVE-2013-4547...

Debian Patches Flaws in Nginx, Perl Module

Debian has released patches for a pair of security vulnerabilities in the free operating system, including a security bypass flaw in the Nginx Web server. The other vulnerability lies in a Perl module used in the OS. The vulnerability in the HTTP: :Body Perl module could allow an attacker to run...

Nginx security vulnerability (CVE-2 0 1 3-4 5 4 7)-vulnerability warning-the black bar safety net

Nginx security restrictions might be some requests to ignore, when we for example, by the following manner for URL access restrictions, if an attacker uses some didn't after the escaped space character invalid HTTP Protocol, but from the Nginx 0.8.41 start considering compatibility issues to be...

Security fix for the ALT Linux 9 package nginx version 1.4.4-alt1

Nov. 22, 2013 Denis Smirnov 1.4.4-alt1 - 1.4.4 ALT 29604 - CVE-2013-4547...

[SECURITY] [DSA 2802-1] nginx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2802-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst November 21, 2013 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2802-1 (nginx - restriction bypass)

Ivan Fratric of the Google Security Team discovered a bug in nginx, a web server, which might allow an attacker to bypass security restrictions by using a specially crafted request. The oldstable distribution squeeze is not affected by this problem. OpenVAS Vulnerability Test $Id: deb2802.nasl 66...

DSA-2802-1 nginx - restriction bypass

Bulletin has no description...

FreeBSD : nginx -- Request line parsing vulnerability (94b6264a-5140-11e3-8b22-f0def16c5c1b)

The nginx project reports : Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request, or might have potential other impact CVE-2013-4547. %NASLMINLEVEL 70300 C...

Debian: Security Advisory (DSA-2802-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nginx 1.1.17 - URI Processing SecURIty Bypass

Nginx 1.1.17 - URI Processing SecURIty Bypass source: https://www.securityfocus.com/bid/63814/info nginx is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. nginx 0.8.41 through 1.5.6 are...

Nginx 1.1.17 - URI Processing SecURIty Bypass

source: https://www.securityfocus.com/bid/63814/info nginx is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. nginx 0.8.41 through 1.5.6 are vulnerable. The following example data is...

nginx -- Request line parsing vulnerability

The nginx project reports: Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request, or might have potential other impact CVE-2013-4547...

Internet Bug Bounty Pays $5,000 for Severe Bugs

A bounty program begun by a bevy of industry heavyweights, including Microsoft and Facebook, will pay good money to white hats, researchers and even aspiring young hackers who find bugs in any of a dozen technologies central to the vitality and trustworthiness of the Internet. Dubbed the Internet...

CVE-2013-0337

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the 1 access.log and 2 error.log files, which allows local users to obtain sensitive information by reading the files...

DEBIAN-CVE-2013-0337

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the 1 access.log and 2 error.log files, which allows local users to obtain sensitive information by reading the files...

CVE-2013-0337

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the 1 access.log and 2 error.log files, which allows local users to obtain sensitive information by reading the files...

CVE-2013-0337

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the 1 access.log and 2 error.log files, which allows local users to obtain sensitive information by reading the files...

Default configuration

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the 1 access.log and 2 error.log files, which allows local users to obtain sensitive information by reading the files...

UBUNTU-CVE-2013-0337

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the 1 access.log and 2 error.log files, which allows local users to obtain sensitive information by reading the files...

CVE-2013-0337

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the 1 access.log and 2 error.log files, which allows local users to obtain sensitive information by reading the files...