21 matches found
Mageia: Security Advisory (MGASA-2016-0216)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 1.0: Nginx PHSA-2016-0012
An update of the nginx package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2016-0012. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121651;...
nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 1.10.1, or 1.11.x less than 1.11.1. It is, therefore, affected by a denial of service vulnerability %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Security Bulletin: IBM SmartCloud Provisioning security vulnerability has been identified in nginx (CVE-2016-4450)
Summary IBM SmartCloud Provisioning and SmartCloud Provisioning for Software Virtual Appliaance ships with nginx. A denial of service vulnerability has been identified in nginx CVE-2016-4450. Vulnerability Details CVE-ID: CVE-2016-4450 Description: nginx is vulnerable to a denial of service, caus...
Security Bulletin: Vulnerability in nginx affects IBM StoredIQ (CVE-2016-4450)
Summary A denial of service vulnerability was disclosed on May 31, 2016 by nginx. Nginx is used by StoredIQ. StoredIQ has addressed the applicable CVE Vulnerability Details CVE-ID: CVE-2016-4450 Description: nginx is vulnerable to a denial of service, caused by a NULL pointer dereference error in...
Arista Networks EOS ngx_chain_to_iovec NULL Pointer Deference DoS (SA0021)
The version of Arista Networks EOS running on the remote device is affected by a denial of service vulnerability in NGINX due to a NULL pointer dereference flaw in the ngxchaintoiovec function within file os/unix/ngxfiles.c when handling specially crafted requests. An unauthenticated, remote...
OPENSUSE-SU-2017:0362-1 Security update for nginx
This update for nginx fixes the following vulnerability: - CVE-2016-4450: Remote attackers could have caused a denial of service NULL pointer dereference and worker process crash via a crafted request, involving writing a client request body to a temporary file...
SOL08250500 - Nginx vulnerability CVE-2016-4450
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
Moderate: Red Hat Security Advisory: rh-nginx18-nginx security update
An update for rh-nginx18-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Fedora 23 : 1:nginx (2016-ea323bd6cf)
fix CVE-2016-4450 ---- update to upstream release 1.8.1 to fix CVE-2016-4450 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 24 : 1:nginx (2016-c329fc4c32)
update to upstream release 1.10.1 to fix CVE-2016-4450 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Nextcloud: help.nextcloud.com: Known DoS condition (null pointer deref) in Nginx running
The https://help.nextcloud.com sub-site is running Nginx/1.10.0 which is vuln to a known issue CVE-2016-4450 which allows a remote malformed HTTP request to cause the Nginx process to crash. DoS testing is mentioned as not requested, but if you know of an issue give it a go .. You can determine t...
Medium: nginx
Issue Overview: A problem was identified in nginx code responsible for saving client request body to a temporary file. A specially crafted request might result in worker process crash due to a NULL pointer dereference while writing client request body to a temporary file. Affected Packages: nginx...
CVE-2016-4450
os/unix/ngxfiles.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service NULL pointer dereference and worker process crash via a crafted request, involving writing a client request body to a temporary file...
NULL pointer dereference while writing client request body
NULL pointer dereference while writing client request body Severity: medium CVE-2016-4450 Not vulnerable: 1.11.1+, 1.10.1+ Vulnerable: 1.3.9-1.11.0...
CVE-2016-4450
CVE-2016-4450 – nginx denial of service via NULL pointer dereference . Affects nginx before 1.10.1 and 1.11.x before 1.11.1 when saving the client request body to a temporary file. A crafted request can crash a worker process, causing DoS. The underlying issue is a NULL pointer dereference in cod...
MGASA-2016-0216 Updated nginx packages fix CVE-2016-4450
Updated nginx package fixes security vulnerability: A problem was identified in nginx code responsible for saving client request body to a temporary file. A specially crafted request might result in worker process crash due to a NULL pointer dereference while writing client request body to a...
Updated nginx packages fix CVE-2016-4450
Updated nginx package fixes security vulnerability: A problem was identified in nginx code responsible for saving client request body to a temporary file. A specially crafted request might result in worker process crash due to a NULL pointer dereference while writing client request body to a...
Debian DSA-3592-1 : nginx - security update
It was discovered that a NULL pointer dereference in the Nginx code responsible for saving client request bodies to a temporary file might result in denial of service: Malformed requests could crash worker processes. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
[SECURITY] [DSA 3592-1] nginx security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3592-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2016 https://www.debian.org/security/faq -...