6359 matches found
CVE-2009-3896
src/http/ngxhttpparse.c in nginx aka Engine X 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service NULL pointer dereference and worker process crash via a long URI...
CVE-2009-3896
CVE-2009-3896 affects nginx and its parsing path: the ngx_http_process_request_headers() function in ngx_http_parse.c can dereference a NULL pointer when handling long URIs, leading to denial of service via worker crash. The cited public sources (e.g., GLSA 201203-22) document multiple nginx vuln...
CVE-2009-3896
src/http/ngxhttpparse.c in nginx aka Engine X 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service NULL pointer dereference and worker process crash via a long URI...
CVE-2009-3898
Directory traversal vulnerability in src/http/modules/ngxhttpdavmodule.c in nginx aka Engine X before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. dot dot in the Destination HTTP header for the WebDAV 1 COPY or 2 MOVE method...
nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
The 'nginx' program is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result i...
nginx HTTP Request Header Remote Buffer Overflow
Binary data 5216.prm...
nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
nginx is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
New nginx packages fix denial of service
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1920-1 [email protected] http://www.debian.org/security/ Stefan Fritsch October 26, 2009...
[SECURITY] [DSA-1920-1] New nginx packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1920-1 [email protected] http://www.debian.org/security/ Stefan Fritsch October 26, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1920-1] New nginx packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1920-1 [email protected] http://www.debian.org/security/ Stefan Fritsch October 26, 2009 http://www.debian.org/security/faq -...
DSA-1920-1 nginx - denial of service
Bulletin has no description...
nginx dos exploit
No description provided by source. debian: uname -a Linux debian 2.6.18-6-686 1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux debian: cat /etc/issue Debian GNU/Linux 4.0 \n \l debian: dpkg -l|grep nginx ii nginx 0.4.13-2+etch2 small, but very powerful and efficient debian: ps xauwww|grep...
nginx NULL Pointer Dereference
debian: uname -a Linux debian 2.6.18-6-686 1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux debian: cat /etc/issue Debian GNU/Linux 4.0 \n \l debian: dpkg -l|grep nginx ii nginx 0.4.13-2+etch2 small, but very powerful and efficient debian: ps xauwww|grep worker|grep -v grep www-data 3577 0.0 0.9...
nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
Exploit for unknown platform in category dos / poc ================================================================ nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC ================================================================ Title: nginx 0.7.0-0.7.61, 0.6.0-0.6.38,...
Nginx 0.7.0 0.7.61 0.6.0 0.6.38 0.5.0 0.5.37 0.4.0 0.4.14 - Denial of Service (PoC)
Nginx 0.7.0 0.7.61 0.6.0 0.6.38 0.5.0 0.5.37 0.4.0 0.4.14 - Denial of Service PoC debian: uname -a Linux debian 2.6.18-6-686 1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux debian: cat /etc/issue Debian GNU/Linux 4.0 \n \l debian: dpkg -l|grep nginx ii nginx 0.4.13-2+etch2 small, but very...
Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - Denial of Service (PoC)
debian: uname -a Linux debian 2.6.18-6-686 1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux debian: cat /etc/issue Debian GNU/Linux 4.0 \n \l debian: dpkg -l|grep nginx ii nginx 0.4.13-2+etch2 small, but very powerful and efficient debian: ps xauwww|grep worker|grep -v grep www-data 3577 0.0 0.9...
nginx 0.7.0-0.7.61 0.6.0-0.6.38 0.5.0-0.5.37 0.4.0-0.4.14 PoC
No description provided by source. debian: uname -a Linux debian 2.6.18-6-686 1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux debian: cat /etc/issue Debian GNU/Linux 4.0 \n \l debian: dpkg -l|grep nginx ii nginx 0.4.13-2+etch2 small, but very powerful and efficient debian: ps xauwww|grep...
nginx 0.7.0-0.7.61 0.6.0-0.6.38 0.5.0-0.5.37 0.4.0-0.4.14 PoC
No description provided by source. debian: uname -a Linux debian 2.6.18-6-686 1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux debian: cat /etc/issue Debian GNU/Linux 4.0 \n \l debian: dpkg -l|grep nginx ii nginx 0.4.13-2+etch2 small, but very powerful and efficient debian: ps xauwww|grep...
nginx Proxy DNS Cache Domain Spoofing Vulnerability
The 'nginx' program is prone to a vulnerability that may allow attackers to spoof domains because the software fails to properly compare domains when referencing an internal DNS cache. This issue can be exploited when nginx is configured to act as a forward proxy, but this is a nonstandard and...
nginx WebDAV Multiple Directory Traversal Vulnerabilities
The 'nginx' program is prone to multiple directory-traversal vulnerabilities because the software fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues using directory-traversal strings '../' to overwrite arbitrary files outside the root directory. These issues...