|
|
Log in / Subscribe / Register

nginx: arbitrary code execution

Package(s):nginx CVE #(s):CVE-2009-2629
Created:September 14, 2009 Updated:December 7, 2009
Description:

From the Debian advisory:

Chris Ries discovered that nginx, a high-performance HTTP server, reverse proxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when processing certain HTTP requests. An attacker can use this to execute arbitrary code with the rights of the worker process (www-data on Debian) or possibly perform denial of service attacks by repeatedly crashing worker processes via a specially crafted URL in an HTTP request.

Alerts:
Fedora FEDORA-2009-12750 nginx 2009-12-07
Fedora FEDORA-2009-12782 nginx 2009-12-07
Fedora FEDORA-2009-12775 nginx 2009-12-07
Gentoo 200909-18 nginx 2009-09-18
Fedora FEDORA-2009-9630 nginx 2009-09-15
Fedora FEDORA-2009-9652 nginx 2009-09-15
Debian DSA-1884-1 nginx 2009-09-14
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds