6229 matches found
AjaXplorer 5.0.2 Shell Upload / Traversal
Trustwave SpiderLabs Security Advisory TWSL2013-027: Multiple Vulnerabilities in AjaXplorer Published: 09/05/13 Version: 1.0 Vendor: AjaXplorer http://ajaxplorer.info Product: AjaXplorer Version affected: 5.0.2 and prior Product description: AjaXplorer is an open source file sharing platform whic...
Amazon Linux AMI : nginx (ALAS-2012-63)
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request. C Tenable Network Security, Inc. The descriptive text and package checks...
Amazon Linux AMI : nginx (ALAS-2012-74)
Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted MP4 file. C Tenable...
Amazon Linux AMI : nginx (ALAS-2011-30)
Heap-based buffer overflow in compression-pointer processing in core/ngxresolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service daemon crash or possibly have unspecified other impact via a long response. C Tenable Network Security, Inc. The descriptive text and...
Amazon Linux AMI : nginx (ALAS-2013-189)
http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...
DEBIAN-CVE-2013-2070
http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...
CVE-2013-2070
http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...
CVE-2013-2070
http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...
CVE-2013-2028
The ngxhttpparsechunked function in http/ngxhttpparse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service crash and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based...
CVE-2013-2070
http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...
Immunity Canvas: NGINX_CHUNK
Name| nginxchunk ---|--- CVE| cve-2013-2028 Exploit Pack| CANVAS Description| Nginx Chunked Encoding Exploit Notes| CVE Name: cve-2013-2028 VENDOR: Nginx Repeatability: The repeatability of this exploit depends on the number of nginx worker processes configured in conf/nginx.conf; the default is ...
Design/Logic Flaw
http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...
Stack overflow
The ngxhttpparsechunked function in http/ngxhttpparse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service crash and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based...
Nginx 1.3.9 / 1.4.0 Buffer Overflow
encoding: ASCII abort"$0 host port" if ARGV.length 2 require 'ronin' $count = 0 rop address taken from nginx binary find in the repo poprdi = 0x00427006 poprsi = 0x0043a00e poprdx = 0x0041b8fa poprax = 0x00442c80 mmap64 = 0x4029b0 mmapgot = 0x67f290 mmapaddr = 0x00410000 rsitorax = 0x0042afcb...
CVE-2013-2028
The ngxhttpparsechunked function in http/ngxhttpparse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service crash and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based...
CVE-2013-2070
http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...
CVE-2013-2070
The CVE concerns nginx proxying behavior and chunked transfer handling. Affected product: nginx with the proxy module/http parsing paths noted in CVE-2013-2070 (versions 1.1.4–1.2.8 and 1.3.0–1.4.0) when proxy_pass is used to untrusted upstream HTTP servers. Root cause: crafted proxy responses ca...
CVE-2013-2028
The ngxhttpparsechunked function in http/ngxhttpparse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service crash and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based...
CVE-2013-2070
http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...
nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
nginx version 1.3.9 and 1.4.0 x86 brute force proof of concept remote exploit that spawns a reverse shell. nginx 1.3.9/1.4.0 x86 brute force remote exploit copyright c 2013 kingcope ---------------------------- fix for internet exploitation, set MTU: ifconfig mtu 60000 up !!! WARNING !!! this...