Lucene search
K

23 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2013-0160)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS9.5AI score0.11925EPSS
Exploits3References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.300 views

nginx 1.4.0 64-bit - Remote Exploit for Linux (Generic)

No description provided by source. nginx = 1.4.0 exploit for CVE-2013-2028 by sorbo Fri Jul 12 14:52:45 PDT 2013 ./brop.rb 127.0.0.1 for remote hosts: ./frag.sh ip ./brop.rb ip rm state.bin when changing host or relaunching nginx with canaries scan.py will find servers, reading IPs from ips.txt...

7.5CVSS0.1AI score0.87475EPSS
Exploits15
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.278 views

nginx 1.3.9-1.4.0 - DoS PoC

No description provided by source. Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2028 Google Dork: CVE-2013-2028 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link:...

7.5CVSS6.3AI score0.87475EPSS
Exploits15
exploitpack
exploitpack
added 2014/03/15 12:0 a.m.103 views

Nginx 1.4.0 (Generic Linux x64) - Remote Overflow

Nginx 1.4.0 Generic Linux x64 - Remote Overflow nginx = 1.4.0 exploit for CVE-2013-2028 by sorbo Fri Jul 12 14:52:45 PDT 2013 ./brop.rb 127.0.0.1 for remote hosts: ./frag.sh ip ./brop.rb ip rm state.bin when changing host or relaunching nginx with canaries scan.py will find servers, reading IPs...

7.5CVSS0.5AI score0.87475EPSS
Exploits15
NVD
NVD
added 2013/07/20 3:37 a.m.26 views

CVE-2013-2028

The ngxhttpparsechunked function in http/ngxhttpparse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service crash and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based...

7.5CVSS7.6AI score0.87475EPSS
Exploits15References10
canvas
canvas
added 2013/07/20 3:37 a.m.115 views

Immunity Canvas: NGINX_CHUNK

Name| nginxchunk ---|--- CVE| cve-2013-2028 Exploit Pack| CANVAS Description| Nginx Chunked Encoding Exploit Notes| CVE Name: cve-2013-2028 VENDOR: Nginx Repeatability: The repeatability of this exploit depends on the number of nginx worker processes configured in conf/nginx.conf; the default is ...

7.5CVSS6.4AI score0.87475EPSS
Exploits15
Prion
Prion
added 2013/07/20 3:37 a.m.27 views

Design/Logic Flaw

http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...

5.8CVSS6.6AI score0.87475EPSS
Exploits18References11Affected Software2
CVE
CVE
added 2013/07/18 1:0 a.m.495 views

CVE-2013-2028

The CVE-2013-2028 issue affects nginx 1.3.9–1.4.0, where the ngx_http_parse_chunked function mishandles large chunk sizes in chunked Transfer-Encoding. The root cause is an integer signedness error that leads to a stack-based buffer overflow, enabling remote denial of service and potential code e...

7.5CVSS7.5AI score0.87475EPSS
Exploits15References10Affected Software1
Nginx
Nginx
added 2013/07/18 1:0 a.m.256 views

Stack-based buffer overflow with specially crafted request

Stack-based buffer overflow with specially crafted request Severity: major CVE-2013-2028 Not vulnerable: 1.5.0+, 1.4.1+ Vulnerable: 1.3.9-1.4.0...

7.5CVSS6.8AI score0.87475EPSS
Exploits15References1Affected Software1
Mageia
Mageia
added 2013/06/06 12:24 p.m.39 views

Updated nginx package fixes security vulnerability

A security problem related to CVE-2013-2028 was identified, affecting some previous nginx versions if proxypass to untrusted upstream HTTP servers is used. The problem may lead to a denial of service or a disclosure of a worker process memory on a specially crafted response from an upstream proxi...

5.8CVSS3.2AI score0.11925EPSS
Exploits3References3
Circl
Circl
added 2013/05/28 12:0 a.m.15 views

CVE-2013-2028

creationtimestamp| type| source ---|---|--- 2013-05-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/25775 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nginxchunkedsize.rb 2025-02-06 03:13:41+00:00| seen|...

7.5CVSS5.7AI score0.87475EPSS
Exploits15References2
OpenVAS
OpenVAS
added 2013/05/27 12:0 a.m.40 views

Fedora Update for nginx FEDORA-2013-8182

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2013-8182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

7.5CVSS9.5AI score0.87475EPSS
Exploits18References2
0day.today
0day.today
added 2013/05/24 12:0 a.m.140 views

Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow

This Metasploit module exploits a stack buffer overflow in versions 1.3.9 to 1.4.0 of nginx. The exploit first triggers an integer overflow in the ngxhttpparsechunked by supplying an overly long hex value as chunked block size. This value is later used when determining the number of bytes to read...

7.5CVSS0.5AI score0.87475EPSS
Exploits15
myhack58
myhack58
added 2013/05/24 12:0 a.m.20 views

Nginx 1.3.9, and 1.4. 0 buffer overflow vulnerability, as well as 6 4 bits of the exploit analysis-exploit warning-the black bar safety net

Preface knowledge: CVE-2 0 1 3-2 0 2 8: nginx when processing certain malformed HTTP request length value when there is a problem, an attacker exploiting this vulnerability may cause a stack overflow and thus execute arbitrary code, The minimum can cause a denial of service attack. Affected...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2013/05/17 12:0 a.m.97 views

nginx 'ngx_http_parse.c'栈缓冲区溢出漏洞

BUGTRAQ ID: 59699 CVECAN ID: CVE-2013-2028 nginx是HTTP及反向代理服务器,同时也用作邮件代理服务器。 nginx 1.3.9 - 1.4.0在解析HTTP块时,"ngxhttpparsechunked"函数 http/ngxhttpparse.c中存在错误,可被利用造成栈缓冲区溢出。 0 Nginx 1.3.9 - 1.4.0 临时解决方法: 建议您升级到nginx 1.4.1或者是1.5.0。但如果您不能立刻安装补丁或者升级,您可以采取以下措施以降低威胁: 在每个server块中使用如下配置 if $httptransferencodi...

7.5CVSS2.1AI score0.87475EPSS
Exploits15
Packet Storm
Packet Storm
added 2013/05/17 12:0 a.m.79 views

Nginx 1.3.9 / 1.4.0 Denial Of Service

Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2028 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link: http://nginx.org/download/nginx-1.4.0.tar.gz Version: 1.3.9-1.4.0 Tested on: Kali Linux ...

7.5CVSS6.3AI score0.87475EPSS
Exploits15
exploitpack
exploitpack
added 2013/05/17 12:0 a.m.66 views

Nginx 1.3.9 1.4.0 - Denial of Service (PoC)

Nginx 1.3.9 1.4.0 - Denial of Service PoC Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2028 Google Dork: CVE-2013-2028 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link:...

7.5CVSS0.1AI score0.87475EPSS
Exploits15
Exploit DB
Exploit DB
added 2013/05/17 12:0 a.m.100 views

Nginx 1.3.9 < 1.4.0 - Denial of Service (PoC)

Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2028 Google Dork: CVE-2013-2028 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link: http://nginx.org/download/nginx-1.4.0.tar.gz Version:...

7.5CVSS6.3AI score0.87475EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2013/05/13 12:0 a.m.50 views

Fedora 19 : nginx-1.4.1-1.fc19 (2013-7560)

Update to upstream release 1.4.1 which fixes : - CVE-2013-2028: Stack-based buffer overflow when handling certain chunked transfer encoding requests Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted t...

7.5CVSS5.7AI score0.87475EPSS
Exploits15References3
Tenable Nessus
Tenable Nessus
added 2013/05/08 12:0 a.m.47 views

nginx < 1.4.1 / 1.5.0 Multiple Vulnerabilities

Binary data 6795.prm...

7.5CVSS9.7AI score0.87475EPSS
Exploits18References6
Rows per page
Query Builder