Lucene search
Ubuntu.comUB:CVE-2013-2070HistoryJul 20, 2013 - 12:00 a.m.
CVE-2013-2070
2013-07-2000:00:00
ubuntu.com
ubuntu.com
14
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.014 Low
EPSS
Percentile
86.5%
http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0
through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows
remote attackers to cause a denial of service (crash) and obtain sensitive
information from worker process memory via a crafted proxy response, a
similar vulnerability to CVE-2013-2028.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164>
- <https://launchpad.net/bugs/1182586>
Notes
| Author | Note |
|---|---|
| jdstrand | per upstream 1.1.4 and higher |
Related
fedora
fedora
[SECURITY] Fedora 18 Update: nginx-1.2.9-1.fc18
2013-05-23 12:24:19
[SECURITY] Fedora 19 Update: nginx-1.4.1-1.fc19
2013-05-12 04:53:58
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2013-189)
2015-09-08 00:00:00
Fedora Update for nginx FEDORA-2013-8182
2013-05-27 00:00:00
Fedora Update for nginx FEDORA-2013-8182
2013-05-27 00:00:00
cve
cve
CVE-2013-2070
2013-07-20 03:37:00
CVE-2013-2028
2013-07-20 03:37:00
nessus
nessus
FreeBSD : nginx -- multiple vulnerabilities (efaa4071-b700-11e2-b1b9-f0def16c5c1b)
2013-05-08 00:00:00
Amazon Linux AMI : nginx (ALAS-2013-189)
2013-09-04 00:00:00
Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
2018-11-05 00:00:00
securityvulns
securityvulns
nginx buffer overflow
2013-07-10 00:00:00
[SECURITY] [DSA 2721-1] nginx security update
2013-07-10 00:00:00
debiancve
debiancve
CVE-2013-2070
2013-07-20 03:37:00
CVE-2013-2028
2013-07-20 03:37:00
amazon
amazon
Medium: nginx
2013-05-14 15:35:00
freebsd
freebsd
nginx -- multiple vulnerabilities
2013-05-07 00:00:00
cvelist
cvelist
CVE-2013-2070
2013-07-18 01:00:00
CVE-2013-2028
2013-07-18 01:00:00
prion
prion
Design/Logic Flaw
2013-07-20 03:37:00
Stack overflow
2013-07-20 03:37:00
mageia
mageia
Updated nginx package fixes security vulnerability
2013-06-06 16:24:33
gentoo
gentoo
nginx: Multiple vulnerabilities
2013-10-06 00:00:00
debian
debian
[SECURITY] [DSA 2721-1] nginx security update
2013-07-07 16:20:59
canvas
canvas
Immunity Canvas: NGINX_CHUNK
2013-07-20 03:37:00
packetstorm
packetstorm
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
2013-05-23 00:00:00
Nginx 1.3.9 / 1.4.0 Denial Of Service
2013-05-17 00:00:00
Nginx 1.3.9 / 1.4.0 Buffer Overflow
2013-07-19 00:00:00
seebug
seebug
nginx 'ngx_http_parse.c'ๆ ็ผๅฒๅบๆบขๅบๆผๆด
2013-05-17 00:00:00
nginx 1.3.9-1.4.0 DoS PoC
2013-05-17 00:00:00
Nginx proxy_passๆจกๅ่ฟ็จๅฎๅ
จๆผๆด(CVE-2013-2070)
2013-05-17 00:00:00
zdt
zdt
nginx 1.3.9-1.4.0 DoS PoC
2013-05-18 00:00:00
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
2013-05-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package nginx version 1.4.1-alt1
2013-05-07 00:00:00
exploitpack
exploitpack
Nginx 1.3.9 1.4.0 - Denial of Service (PoC)
2013-05-17 00:00:00
Nginx 1.4.0 (Generic Linux x64) - Remote Overflow
2014-03-15 00:00:00
nginx
nginx
Stack-based buffer overflow with specially crafted request
2013-07-20 03:37:00
Memory disclosure with specially crafted HTTP backend responses
2013-07-20 03:37:00
ubuntucve
ubuntucve
CVE-2013-2028
2013-07-20 00:00:00
myhack58
myhack58
exploitdb
exploitdb
Nginx 1.4.0 (Generic Linux x64) - Remote Overflow
2014-03-15 00:00:00
Nginx 1.3.9 < 1.4.0 - Denial of Service (PoC)
2013-05-17 00:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.014 Low
EPSS
Percentile
86.5%
Related for UB:CVE-2013-2070