12 matches found
Amazon Linux: Security Advisory (ALAS-2011-30)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : nginx-1.0 (openSUSE-2011-48)
A flaw in the custom DNS resolver of nginx could lead to a heap based buffer overflow which could potentially allow attackers to execute arbitrary code or to cause a Denial of Service bnc731084, CVE-2011-4315. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
openSUSE Security Update : nginx-0.8 (openSUSE-SU-2012:0237-1)
A flaw in the custom DNS resolver of nginx could lead to a heap based buffer overflow which could potentially allow attackers to execute arbitrary code or to cause a Denial of Service bnc731084, CVE-2011-4315. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
VUL-0: nginx: heap overflow (important)
A flaw in the custom DNS resolver of nginx could lead to a heap based buffer overflow which could potentially allow attackers to execute arbitrary code or to cause a Denial of Service bnc731084, CVE-2011-4315...
Medium: nginx
Issue Overview: Heap-based buffer overflow in compression-pointer processing in core/ngxresolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service daemon crash or possibly have unspecified other impact via a long response. Affected Packages: nginx Issue Correction: Run...
Fedora Update for nginx FEDORA-2011-16110
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-4315
CVE-2011-4315 describes a heap-based buffer overflow in nginx’s DNS resolver path (core/ngx_resolver.c) that can be triggered by compression-pointer processing. Affected: nginx versions prior to 1.0.10. Impact stated across sources: remote resolvers may cause a denial of service (daemon crash) an...
Buffer overflow in resolver
Buffer overflow in resolver Severity: medium CVE-2011-4315 Not vulnerable: 1.1.8+, 1.0.10+ Vulnerable: 0.6.18-1.1.7...
Fedora 15 : nginx-1.0.10-1.fc15 (2011-16110)
fix for CVE-2011-4315 nginx: heap overflow in ngxresolvercopy Update to latest stable version Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 16 : nginx-1.0.10-1.fc16 (2011-16075)
fix for CVE-2011-4315 nginx: heap overflow in ngxresolvercopy Update to latest stable version Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
nginx is prone to a remote heap-based buffer-overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nginx:nginx"...
nginx DNS解析器远程堆缓冲区溢出漏洞
Bugtraq ID: 50710 CVE ID:CVE-2011-4315 nginx是一款高性能的web服务器,使用非常广泛,其不仅经常被用作反向代理,也可以非常好的支持PHP的运行。 当处理DNS应答时"ngxresolvercopy"函数ngxresolver.c存在边界错误,构建特制DNS应答可触发基于堆的缓冲区溢出。 DNS解析器一般用于代理和fastcgi模块,默认不启用。 Igor Sysoev nginx 1.0.9 Igor Sysoev nginx 1.0.8 Igor Sysoev nginx 0.8.40 Igor Sysoev nginx 0.8.36 Igo...