CVE-2009-4487

The CVE-2009-4487 issue affects nginx 0.7.64, where non-printable characters logged during HTTP requests can be exploited to alter a window title or potentially execute commands/overwrite files.根 The connected records confirm the vulnerability is real for nginx 0.7.64 and indicate remediation via...

CVE-2009-4487

nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

CVE-2009-4487

nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

nginx Terminal Escape Sequence in Logs Command Injection Vulnerability

The 'nginx' program is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in log files. Attackers can exploit this issue to execute arbitrary commands in a terminal. This issue affects nginx 0.7.64; other versions may also be affected. OpenVAS...

PT-2010-1345

Name of the Vulnerable Software and Affected Versions nginx version 0.7.64 Description The issue allows remote attackers to potentially modify a window's title, execute arbitrary commands, or overwrite files via an HTTP request containing an escape sequence for a terminal emulator. This is becaus...

nginx Terminal Escape Sequence in Logs Command Injection Vulnerability

nginx is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in log files. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Name Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Systems Affected nginx 0.7.64 Varnish 2.0.6 Cherokee 0.99.30...

Nginx 0.7.64 - Terminal Escape Sequence in Logs Command Injection

Nginx 0.7.64 - Terminal Escape Sequence in Logs Command Injection source: https://www.securityfocus.com/bid/37711/info The 'nginx' program is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in log files. Attackers can exploit this issue to...

Nginx 0.7.64 - Terminal Escape Sequence in Logs Command Injection

source: https://www.securityfocus.com/bid/37711/info The 'nginx' program is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in log files. Attackers can exploit this issue to execute arbitrary commands in a terminal. This issue affects nginx...

nginx 0.8.15 HTTP远程请求缓冲区溢出漏洞

No description provided by source...

nginx 0.8.14 拒绝服务漏洞

No description provided by source...

nginx 0.8.17 WebDAV目录遍历漏洞

No description provided by source...

Fedora Core 11 FEDORA-2009-12782 (nginx)

The remote host is missing an update to nginx announced via advisory FEDORA-2009-12782. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora Core 10 FEDORA-2009-12775 (nginx)

The remote host is missing an update to nginx announced via advisory FEDORA-2009-12775. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora Core 11 FEDORA-2009-12782 (nginx)

The remote host is missing an update to nginx announced via advisory FEDORA-2009-12782. OpenVAS Vulnerability Test $Id: fcore200912782.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12782 nginx Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 12 FEDORA-2009-12750 (nginx)

The remote host is missing an update to nginx announced via advisory FEDORA-2009-12750. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora Core 12 FEDORA-2009-12750 (nginx)

The remote host is missing an update to nginx announced via advisory FEDORA-2009-12750. OpenVAS Vulnerability Test $Id: fcore200912750.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12750 nginx Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 10 FEDORA-2009-12775 (nginx)

The remote host is missing an update to nginx announced via advisory FEDORA-2009-12775. OpenVAS Vulnerability Test $Id: fcore200912775.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12775 nginx Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora 12 : nginx-0.7.64-1.fc12 (2009-12750)

Fri Dec 4 2009 Jeremy Hinegardner - 0.7.64-1 - Update to new stable 0.7.64 - Thu Oct 29 2009 Jeremy Hinegardner - 0.7.63-1 - Update to new stable 0.7.63 - reinstate zlib dependency Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

Fedora 10 : nginx-0.7.64-1.fc10 (2009-12775)

Fri Dec 4 2009 Jeremy Hinegardner - 0.7.64-1 - update to 0.7.64 - Thu Oct 29 2009 Jeremy Hinegardner - 0.7.63-1 - update to 0.7.63 - Mon Sep 14 2009 Jeremy Hinegardner - 0.7.62-1 - update to 0.7.62 - fixes CVE-2009-2629 - Sun Aug 2 2009 Jeremy Hinegardner - 0.7.61-1 - update to new stable 0.7.61...