nginx 1.1.x < 1.1.19 / 1.0.x < 1.0.15 A Buffer Overflow Vulnerability

According to its Sever response header, the installed version of nginx is 1.0.x prior to 1.0.15 or 1.1.x prior to 1.1.19. It is, therefore, affected by the following issue : - Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through...

Fedora Update for nginx FEDORA-2012-6238

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Important: nginx

Issue Overview: Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted MP4...

Fedora Update for nginx FEDORA-2012-6411

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2012-6411 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Fedora Update for nginx FEDORA-2012-6371

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for nginx FEDORA-2012-6411

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 16 : nginx-1.0.15-1.fc16 (2012-6411)

Update to 1.0.15 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...

[BSA-069] Security Update for NGINX

Hi. I uploaded new packages for nginx which fixed the following security problems: CVE-2012-2089 - nginx -- arbitrary code execution in mp4 pseudo-streaming module A flaw was reported in the nginx standard mp4 pseudo-streaming module. A specially-crafted mp4 file could allow for the overwriting o...

CVE-2012-2089

Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted MP4 file...

CVE-2012-2089

The CVE-2012-2089 issue affects nginx and is caused by a buffer overflow in ngx_http_mp4_module.c when the mp4 directive is used. Affected versions are nginx 1.0.7–1.0.14 and 1.1.3–1.1.18, potentially leading to memory overwrite, denial of service, or remote code execution. Remediation in the con...

Buffer overflow in the ngx_http_mp4_module

Buffer overflow in the ngxhttpmp4module Severity: major CVE-2012-2089 Not vulnerable: 1.1.19+, 1.0.15+ Vulnerable: 1.1.3-1.1.18, 1.0.7-1.0.14...

nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability

nginx is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of- service conditions. nginx versions 1.1....

nginx 'ngx_http_mp4_module.c'缓冲区溢出漏洞

BUGTRAQ ID: 52999 CVE ID: CVE-2012-2089 nginx是一款使用非常广泛的高性能Web服务器。 nginx在ngxhttpmp4module的实现上存在缓冲区溢出漏洞，攻击者可利用此漏洞执行任意代码。 0 nginx 1.1.17 nginx 1.0.9 nginx 1.0.8 nginx 1.0.14 厂商补丁： Igor Sysoev ----------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://nginx.net/...