4 matches found
CVE-2009-4487 affecting package nginx 1.16.1-4
CVE-2009-4487 affecting package nginx 1.16.1-4. A patched version of the package is available...
nginx < 0.7.64 / 0.8.x < 0.8.23 Multiple Vulnerabilities
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 0.7.64 or 0.8.x prior to 0.8.23. It is, therefore, affected by multiple vulnerabilities as noted in the vendor advisory. %NASLMINLEVEL 70300 C Tenable Network Security,...
CVE-2009-4487
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...
An error log data are not sanitized
An error log data are not sanitized Severity: none CVE-2009-4487 Not vulnerable: none Vulnerable: all...