nginx 0.6.x Code Execution

Exploit Title: nginx Arbitrary Code Execution NullByte Injection Date: 24/08/2011 Exploit Author: Neal Poole Vendor Homepage: http://nginx.org/ Software Link: https://launchpad.net/nginx/0.6/0.6.36/+download/nginx-0.6.36.tar.gz Version: 0.5., 0.6., 0.7 //file.ext%00.php or http:////file.ext/x00.p...

Nginx 0.6.x - Arbitrary Code Execution NullByte Injection

Exploit Title: nginx Arbitrary Code Execution NullByte Injection Date: 24/08/2011 Exploit Author: Neal Poole Vendor Homepage: http://nginx.org/ Software Link: https://launchpad.net/nginx/0.6/0.6.36/+download/nginx-0.6.36.tar.gz Version: 0.5., 0.6., 0.7 //file.ext%00.php or http:////file.ext/x00.p...

Nginx 0.6.x - Arbitrary Code Execution NullByte Injection

Nginx 0.6.x - Arbitrary Code Execution NullByte Injection Exploit Title: nginx Arbitrary Code Execution NullByte Injection Date: 24/08/2011 Exploit Author: Neal Poole Vendor Homepage: http://nginx.org/ Software Link: https://launchpad.net/nginx/0.6/0.6.36/+download/nginx-0.6.36.tar.gz Version:...

Fedora Update for nginx FEDORA-2013-2955

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2013-2955 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Fedora 17 : nginx-1.0.15-9.fc17 (2013-2955)

Make sure nginx directories are not world readable Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora Update for nginx FEDORA-2013-2974

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2013-2974 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Fedora Update for nginx FEDORA-2013-2974

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for nginx FEDORA-2013-2955

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 18 : nginx-1.2.7-2.fc18 (2013-2974)

Make sure nginx directories are not world readable Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

[SECURITY] Fedora 17 Update: nginx-1.0.15-9.fc17

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

[SECURITY] Fedora 18 Update: nginx-1.2.7-2.fc18

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

Nginx 'access.log'不安全文件权限漏洞

BUGTRAQ ID: 58105 CVECAN ID: CVE-2013-0337 nginx是一款使用非常广泛的高性能Web服务器。 在Gentoo上，/var/log/nginx全局可访问，目录内的日志文件也是全局可读，这可允许未授权用户读取日志文件。 0 Igor Sysoev nginx 厂商补丁： Igor Sysoev ----------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://nginx.net/...

Debian DSA-2627-1 : nginx - information leak

Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed'CRIME', allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update to nginx disables SSL compression. %NASLMINLEVEL...

[SECURITY] [DSA 2627-1] nginx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2627-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 17, 2013 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2627-1 (nginx - information leak)

Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed CRIME , allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update to nginx disables SSL compression. OpenVAS...

DSA-2627-1 nginx - information leak

Bulletin has no description...

Debian: Security Advisory (DSA-2627-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

nginx Security Bypass Vulnerability (Windows)

This host is running nginx and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: gbnginxsecbypassvulnwin.nasl 7548 2017-10-24 12:06:02Z cfischer $ nginx Security Bypass Vulnerability Windows Authors: Rachana Shetty Copyright: Copyright c 2013 Greenbone Networks GmbH,...

nginx Security Bypass Vulnerability - Windows

nginx is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nginx:nginx"; if description...

nginx 中间人攻击漏洞(CVE-2011-4968)

Bugtraq ID:57139 CVE ID:CVE-2011-4968 nginx是一款高性能的web服务器，使用非常广泛，其不仅经常被用作反向代理，也可以非常好的支持PHP的运行 nginx包含的Http代理模块允许通过https与源服务器通信，但是没有正确校验源服务器身份，允许攻击者在代理和源服务器之间进行中间人攻击 0 Igor Sysoev nginx 0.8.40 Igor Sysoev nginx 0.8.36 Igor Sysoev nginx 0.8.35 Igor Sysoev nginx 0.8.33 Igor Sysoev nginx 0.7.66 Igor...