Re: Nginx ngx_http_close_connection function integer overflow
Hello, On Thu, 25 Apr 2013, 06:52-0000, [email protected] wrote: ... II. DESCRIPTION --------------------- Qihoo 360 Web Security Research Team discovered a critical vulnerability in nginx. The vulnerability is caused by an int overflow error within the Nginx ngx_http_close_connection function when...
Fedora Update for haproxy FEDORA-2013-4827
Check for the Version of haproxy OpenVAS Vulnerability Test Fedora Update for haproxy FEDORA-2013-4827 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CVE-2012-5657
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External...
XXE
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External...
Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2013:156)
A vulnerability has been found and corrected in apache-mod_security: ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with...
Nginx ngx_http_close_connection function integer overflow
Website: http://safe3.com.cn I. BACKGROUND --------------------- Nginx is an HTTP and reverse proxy server, as well as a mail proxy server, written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VKontakte, and Rambler. Accordin...
New Apache backdoor serving Blackhole exploit kit
A new, sophisticated and stealthy Apache backdoor, meant to drive traffic to malicious websites widely serving the Blackhole exploit kit, has recently been detected by Sucuri. Researchers claimed that this backdoor is affecting hundreds of web servers right now. Dubbed Linux/Cdorked.A, one of the most...
nginx Integer Overflow Vulnerability
Qihoo 360 Web Security Research Team discovered a critical vulnerability in nginx. The vulnerability is caused by an integer overflow error within the Nginx ngx_http_close_connection function when r->count is less than 0 or more than 255, which could be exploited by remote attackers to compromise a...
CVE-2013-1915
ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) vulnerability...
Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/59445/info The Cisco Linksys WRT310N Router is prone to multiple denial-of-service vulnerabilities when handling specially crafted HTTP requests. Successful exploits will cause the device to crash, denying service to legitimate users...
Apache HTTPD mod_log_config Cookie Handling Denial of Service - High Confidence (CVE-2012-0021)
A denial of service vulnerability has been reported in Apache HTTPD server. The vulnerability is due to a NULL pointer dereference error while logging crafted HTTP requests by mod_log_config. A remote attacker can exploit this issue by continuously sending HTTP requests containing specially crafted...
CVE-2013-3060
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests...
CVE-2012-6551
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests...
Default configuration
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests...
Authentication flaw
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests...
CVE-2012-6551
CVE-2012-6551 affects Apache ActiveMQ: the default configuration enables a sample web application, allowing remote attackers to cause broker resource exhaustion (DoS) via HTTP requests. Affected version: ActiveMQ before 5.8.0. Impact is denial of service to the broker; no exploitation details are...
CVE-2013-3060
CVE-2013-3060 affects Apache ActiveMQ pre-5.8.0, where the web console did not require authentication. This allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests. Public sources in the provided documents (e.g., ActiveMQ advisories and related Red H...