Summary
Detail | |||
---|---|---|---|
Vendor | Nginx | First view | 2009-11-24 |
Product | Nginx | Last view | 2009-11-24 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:nginx:nginx:0.6.1516:*:*:*:*:*:*:* | 2 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.9 | 2009-11-24 | CVE-2009-3898 | Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method. |
5 | 2009-11-24 | CVE-2009-3896 | src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
50% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
59278 | nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function U... |
58328 | nginx WebDAV Multiple Method Traversal Arbitrary File Write |
OpenVAS Exploits
id | Description |
---|---|
2012-04-30 | Name : Gentoo Security Advisory GLSA 201203-22 (nginx) File : nvt/glsa_201203_22.nasl |
2009-12-10 | Name : Fedora Core 12 FEDORA-2009-12750 (nginx) File : nvt/fcore_2009_12750.nasl |
2009-12-10 | Name : Fedora Core 10 FEDORA-2009-12775 (nginx) File : nvt/fcore_2009_12775.nasl |
2009-12-10 | Name : Fedora Core 11 FEDORA-2009-12782 (nginx) File : nvt/fcore_2009_12782.nasl |
2009-10-28 | Name : nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability File : nvt/nginx_36839.nasl |
2009-10-01 | Name : nginx WebDAV Multiple Directory Traversal Vulnerabilities File : nvt/nginx_36490.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-03-09 | Name: The remote web server is affected by a directory traversal vulnerability. File: nginx_0_7_63.nasl - Type: ACT_GATHER_INFO |
2012-06-21 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201203-22.nasl - Type: ACT_GATHER_INFO |
2009-12-08 | Name: The remote Fedora host is missing a security update. File: fedora_2009-12750.nasl - Type: ACT_GATHER_INFO |
2009-12-08 | Name: The remote Fedora host is missing a security update. File: fedora_2009-12775.nasl - Type: ACT_GATHER_INFO |
2009-12-08 | Name: The remote Fedora host is missing a security update. File: fedora_2009-12782.nasl - Type: ACT_GATHER_INFO |
2009-09-24 | Name: The web server on the remote host is affected by multiple vulnerabilities. File: nginx_http_request_buffer_overflow.nasl - Type: ACT_GATHER_INFO |