Lucene search
K

16 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2013-0160)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS9.5AI score0.11925EPSS
Exploits3References5
NVD
NVD
added 2013/07/20 3:37 a.m.30 views

CVE-2013-2070

http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...

5.8CVSS6.2AI score0.11925EPSS
Exploits3References11
OSV
OSV
added 2013/07/20 3:37 a.m.12 views

CVE-2013-2070

http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...

6.2AI score
Exploits0References19
Nginx
Nginx
added 2013/07/18 1:0 a.m.201 views

Memory disclosure with specially crafted HTTP backend responses

Memory disclosure with specially crafted HTTP backend responses Severity: medium CVE-2013-2070 Not vulnerable: 1.5.0+, 1.4.1+, 1.2.9+ Vulnerable: 1.1.4-1.2.8, 1.3.9-1.4.0...

5.8CVSS6.2AI score0.11925EPSS
Exploits3References1Affected Software1
CVE
CVE
added 2013/07/18 1:0 a.m.556 views

CVE-2013-2070

The CVE concerns nginx proxying behavior and chunked transfer handling. Affected product: nginx with the proxy module/http parsing paths noted in CVE-2013-2070 (versions 1.1.4–1.2.8 and 1.3.0–1.4.0) when proxy_pass is used to untrusted upstream HTTP servers. Root cause: crafted proxy responses ca...

5.8CVSS6.2AI score0.11925EPSS
Exploits3References11Affected Software1
securityvulns
securityvulns
added 2013/07/10 12:0 a.m.83 views

[SECURITY] [DSA 2721-1] nginx security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2721-1 [email protected] http://www.debian.org/security/ Nico Golde July 07, 2013 http://www.debian.org/security/faq -...

5.8CVSS3.3AI score0.11925EPSS
Exploits3
OpenVAS
OpenVAS
added 2013/07/07 12:0 a.m.31 views

Debian Security Advisory DSA 2721-1 (nginx - buffer overflow)

A buffer overflow has been identified in nginx, a small, powerful, scalable web/proxy server, when processing certain chunked transfer encoding requests if proxypass to untrusted upstream HTTP servers is used. An attacker may use this flaw to perform denial of service attacks, disclose worker...

5.8CVSS0.1AI score0.11925EPSS
Exploits3References1
Mageia
Mageia
added 2013/06/06 12:24 p.m.41 views

Updated nginx package fixes security vulnerability

A security problem related to CVE-2013-2028 was identified, affecting some previous nginx versions if proxypass to untrusted upstream HTTP servers is used. The problem may lead to a denial of service or a disclosure of a worker process memory on a specially crafted response from an upstream proxi...

5.8CVSS3.2AI score0.11925EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2013/05/29 12:0 a.m.118 views

nginx ngx_http_proxy_module.c Memory Disclosure

According to its Server response header, the installed version of nginx is 1.1.x, greater than or equal to 1.1.4, or 1.2.x prior to 1.2.9. It is, therefore, affected by a memory disclosure vulnerability in 'ngxhttpproxymodule.c' when 'proxypass' to untrusted upstream servers is used. By sending a...

5.8CVSS5.4AI score0.11925EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2013/05/27 12:0 a.m.41 views

Fedora Update for nginx FEDORA-2013-8182

Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2013-8182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

7.5CVSS9.5AI score0.87475EPSS
Exploits18References2
myhack58
myhack58
added 2013/05/19 12:0 a.m.30 views

nginx 1.3.9-1.4.0 DoS PoC-exploit warning-the black bar safety net

The following content is for Server Security testing, and the prohibition of illegal purposes! Exploit Title: nginx v1. 3. 9-1. 4. 0 DOS POC CVE-2 0 1 3-2 0 7 0 Google Dork: CVE-2 0 1 3-2 0 7 0 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com...

7.2AI score
Exploits0
0day.today
0day.today
added 2013/05/18 12:0 a.m.210 views

nginx 1.3.9-1.4.0 DoS PoC

Exploit for linux platform in category dos / poc Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2070 Google Dork: CVE-2013-2070 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link:...

5.8CVSS9.5AI score0.11925EPSS
Exploits3
seebug.org
seebug.org
added 2013/05/17 12:0 a.m.184 views

nginx 1.3.9-1.4.0 DoS PoC

No description provided by source. !/usr/bin/env python Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2070 Google Dork: CVE-2013-2070 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link:...

5.8CVSS9.5AI score0.11925EPSS
Exploits3
seebug.org
seebug.org
added 2013/05/17 12:0 a.m.131 views

Nginx proxy_pass模块远程安全漏洞(CVE-2013-2070)

BUGTRAQ ID: 59824 CVECAN ID: CVE-2013-2070 Nginx是HTTP及反向代理服务器,同时也用作邮件代理服务器,由Igor Sysoev编写。 Nginx 1.1.4 proxypass模块存在远程缓冲区溢出安全漏洞。如果HTTP后端返回特制的响应,proxypass模块会将工作进程内存返回给客户端。攻击者可利用此漏洞造成拒绝服务,也可以获取敏感信息。 0 Igor Sysoev nginx 1.1.19 Igor Sysoev nginx 1.1.17 Igor Sysoev nginx 1.0.9 Igor Sysoev nginx 1.0.8...

5.8CVSS9.3AI score0.11925EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2013/05/08 12:0 a.m.75 views

FreeBSD : nginx -- multiple vulnerabilities (efaa4071-b700-11e2-b1b9-f0def16c5c1b)

The nginx project reports : A stack-based buffer overflow might occur in a worker process process while handling a specially crafted request, potentially resulting in arbitrary code execution. CVE-2013-2028 A security problem related to CVE-2013-2028 was identified, affecting some previous nginx...

7.5CVSS6.1AI score0.87475EPSS
Exploits18References5
Tenable Nessus
Tenable Nessus
added 2013/05/08 12:0 a.m.48 views

nginx < 1.4.1 / 1.5.0 Multiple Vulnerabilities

Binary data 6795.prm...

7.5CVSS9.7AI score0.87475EPSS
Exploits18References6
Rows per page
Query Builder