Lucene search
RootSSV:85572HistoryJul 01, 2014 - 12:00 a.m.
nginx 1.4.0 64-bit - Remote Exploit for Linux (Generic)
2014-07-0100:00:00
Root
www.seebug.org
209
EPSS
0.152
Percentile
95.9%
No description provided by source.
nginx <= 1.4.0 exploit for CVE-2013-2028
by sorbo
Fri Jul 12 14:52:45 PDT 2013
./brop.rb 127.0.0.1
for remote hosts:
./frag.sh ip
./brop.rb ip
rm state.bin when changing host (or relaunching nginx with canaries)
scan.py will find servers, reading IPs from ips.txt
This is a generic exploit for 64-bit nginx which uses a new attack technique (BROP) that does not rely on a particular target binary. It will work on any distro and even compiled from source installations.
Exploit-DB mirror: http://www.exploit-db.com/sploits/32277.tgz
Related
packetstorm
packetstorm
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
2013-05-23 00:00:00
Nginx 1.3.9 / 1.4.0 Buffer Overflow
2013-07-19 00:00:00
Nginx 1.3.9 / 1.4.0 Denial Of Service
2013-05-17 00:00:00
canvas
canvas
Immunity Canvas: NGINX_CHUNK
2013-07-20 03:37:00
nvd
nvd
CVE-2013-2028
2013-07-20 03:37:20
CVE-2013-2070
2013-07-20 03:37:25
nessus
nessus
Fedora 19 : nginx-1.4.1-1.fc19 (2013-7560)
2013-05-13 00:00:00
FreeBSD : nginx -- multiple vulnerabilities (efaa4071-b700-11e2-b1b9-f0def16c5c1b)
2013-05-08 00:00:00
Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
2018-11-05 00:00:00
exploitdb
exploitdb
Nginx 1.4.0 (Generic Linux x64) - Remote Overflow
2014-03-15 00:00:00
Nginx 1.3.9 < 1.4.0 - Denial of Service (PoC)
2013-05-17 00:00:00
Nginx 1.3.9/1.4.0 (x86) - Brute Force
2013-07-11 00:00:00
seebug
seebug
nginx 'ngx_http_parse.c'ζ ηΌε²εΊζΊ’εΊζΌζ΄
2013-05-17 00:00:00
nginx 1.3.9-1.4.0 - DoS PoC
2014-07-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package nginx version 1.4.1-alt1
2013-05-07 00:00:00
exploitpack
exploitpack
Nginx 1.3.9 1.4.0 - Denial of Service (PoC)
2013-05-17 00:00:00
Nginx 1.4.0 (Generic Linux x64) - Remote Overflow
2014-03-15 00:00:00
prion
prion
Stack overflow
2013-07-20 03:37:00
Design/Logic Flaw
2013-07-20 03:37:00
zdt
zdt
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
2013-05-24 00:00:00
debiancve
debiancve
CVE-2013-2028
2013-07-20 03:37:20
CVE-2013-2070
2013-07-20 03:37:25
metasploit
metasploit
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
2013-05-22 17:52:00
cvelist
cvelist
CVE-2013-2028
2013-07-18 01:00:00
CVE-2013-2070
2013-07-18 01:00:00
cve
cve
CVE-2013-2028
2013-07-20 03:37:20
CVE-2013-2070
2013-07-20 03:37:25
myhack58
myhack58
fedora
fedora
[SECURITY] Fedora 19 Update: nginx-1.4.1-1.fc19
2013-05-12 04:53:58
[SECURITY] Fedora 18 Update: nginx-1.2.9-1.fc18
2013-05-23 12:24:19
nginx
nginx
Stack-based buffer overflow with specially crafted request
2013-07-20 03:37:20
ubuntucve
ubuntucve
CVE-2013-2028
2013-07-20 00:00:00
CVE-2013-2070
2013-07-20 00:00:00
openvas
openvas
Nginx Chunked Transfer Encoding Stack Based Buffer Overflow Vulnerability
2013-05-21 00:00:00
Fedora Update for nginx FEDORA-2013-8182
2013-05-27 00:00:00
Fedora Update for nginx FEDORA-2013-8182
2013-05-27 00:00:00
securityvulns
securityvulns
nginx buffer overflow
2013-07-10 00:00:00
amazon
amazon
Medium: nginx
2013-05-14 15:35:00
freebsd
freebsd
nginx -- multiple vulnerabilities
2013-05-07 00:00:00
mageia
mageia
Updated nginx package fixes security vulnerability
2013-06-06 16:24:33
gentoo
gentoo
nginx: Multiple vulnerabilities
2013-10-06 00:00:00