CVE-2012-1180

Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request...

CVE-2012-2089

Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted MP4 file...

nginx 'ngx_cpystrn()' Information Disclosure Vulnerability

nginx is prone to an information-disclosure vulnerability. Attackers can exploit this issue to harvest sensitive information that may lead to further attacks. OpenVAS Vulnerability Test $Id: gbnginx52578.nasl 5988 2017-04-20 09:02:29Z teissa $ nginx 'ngxcpystrn' Information Disclosure Vulnerabili...

nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability

nginx is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of- service conditions. nginx versions 1.1....

nginx < 1.0.10 DNS Resolver Remote Heap Buffer Overflow

Binary data 6456.prm...

nginx < 1.0.15 / 1.1.x < 1.1.19 Buffer-Overflow Vulnerability

Binary data 6458.prm...

nginx < 1.0.14 / 1.1.x < 1.1.17 Information-Disclosure

Binary data 6457.prm...

nginx 'ngx_cpystrn()' Information Disclosure Vulnerability

nginx is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nginx:nginx"; if...

nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability

nginx is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD : nginx -- Buffer overflow in the ngx_http_mp4_module (0c14dfa7-879e-11e1-a2a0-00500802d8f7)

The nginx project reports : Buffer overflow in the ngxhttpmp4module %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors Redistribution and...

nginx 'ngx_http_mp4_module.c'缓冲区溢出漏洞

BUGTRAQ ID: 52999 CVE ID: CVE-2012-2089 nginx是一款使用非常广泛的高性能Web服务器。 nginx在ngxhttpmp4module的实现上存在缓冲区溢出漏洞，攻击者可利用此漏洞执行任意代码。 0 nginx 1.1.17 nginx 1.0.9 nginx 1.0.8 nginx 1.0.14 厂商补丁： Igor Sysoev ----------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://nginx.net/...

nginx 1.0.7 - 1.0.14 / 1.1.3 - 1.1.18 ngx_http_mp4_module Buffer Overflow

The remote web server is running nginx, a lightweight, high performance web server / reverse proxy and email IMAP/POP3 proxy. According to its Server response header, the installed version of nginx is between 1.0.7 and 1.0.14 or 1.1.3 and 1.1.18 and is, therefore, affected by a buffer overflow...

[SECURITY] Fedora 17 Update: nginx-1.0.14-1.fc17

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

Fedora 17 : nginx-1.0.14-1.fc17 (2012-3846)

Update to upstream release 1.0.14 to fix: malformed HTTP response headers leads to information leak. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

nginx -- Buffer overflow in the ngx_http_mp4_module

The nginx project reports: Buffer overflow in the ngxhttpmp4module...

Medium: nginx

Issue Overview: Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request. Affected Packages: nginx Issue Correction: Run yum updat...

Fedora Update for nginx FEDORA-2012-4006

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2012-4006 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Fedora Update for nginx FEDORA-2012-3991

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2012-3991 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Fedora Update for nginx FEDORA-2011-16075

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2011-16075 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora 16 : nginx-1.0.14-1.fc16 (2012-3991)

Update to upstream release 1.0.14 to fix: malformed HTTP response headers leads to information leak. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...