Lucene search
RootSSV:60011HistoryMar 29, 2012 - 12:00 a.m.
nginx 'ngx_cpystrn()'信息泄露漏洞(CVE-2012-1180)
2012-03-2900:00:00
Root
www.seebug.org
38
0.002 Low
EPSS
Percentile
59.1%
BUGTRAQ ID: 52578
CVE ID: CVE-2012-1180
nginx是一款使用非常广泛的高性能web服务器。
nginx在处理上游服务器的畸形HTTP响应的实现上存在信息泄露漏洞,攻击者可利用此漏洞获取敏感信息。
0
nginx 1.0.9
nginx 1.0.8
nginx 1.0.10
厂商补丁:
Igor Sysoev
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
openvas
openvas
Fedora Update for nginx FEDORA-2012-3991
2012-04-02 00:00:00
Fedora Update for nginx FEDORA-2012-4006
2012-04-02 00:00:00
Debian: Security Advisory (DSA-2434-1)
2012-04-30 00:00:00
nessus
nessus
Fedora 15 : nginx-1.0.14-1.fc15 (2012-4006)
2012-04-02 00:00:00
Amazon Linux AMI : nginx (ALAS-2012-63)
2013-09-04 00:00:00
Fedora 16 : nginx-1.0.14-1.fc16 (2012-3991)
2012-04-02 00:00:00
securityvulns
securityvulns
nginx information leakage
2012-03-17 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: nginx-1.0.14-1.fc16
2012-03-31 03:08:07
[SECURITY] Fedora 17 Update: nginx-1.0.14-1.fc17
2012-04-12 03:27:59
[SECURITY] Fedora 15 Update: nginx-1.0.14-1.fc15
2012-03-31 03:14:27
prion
prion
Design/Logic Flaw
2012-04-17 21:55:00
debian
debian
[SECURITY] [DSA 2434-1] nginx security update
2012-03-19 22:56:59
ubuntucve
ubuntucve
CVE-2012-1180
2012-04-17 00:00:00
debiancve
debiancve
CVE-2012-1180
2012-04-17 21:55:00
nginx
nginx
Memory disclosure with specially crafted backend responses
2012-04-17 21:55:00
cve
cve
CVE-2012-1180
2012-04-17 21:55:00
amazon
amazon
Medium: nginx
2012-04-05 12:50:00
gentoo
gentoo
nginx: Multiple vulnerabilities
2012-03-28 00:00:00