This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Nginx | First view | 2009-11-24 |
| Product | Nginx | Last view | 2009-11-24 |
| Version | Type | ||
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:nginx:nginx:0.6.1516:*:*:*:*:*:*:* | 2 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4.9 | 2009-11-24 | CVE-2009-3898 | Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method. |
| 5 | 2009-11-24 | CVE-2009-3896 | src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 50% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 59278 | nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function U... |
| 58328 | nginx WebDAV Multiple Method Traversal Arbitrary File Write |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-04-30 | Name : Gentoo Security Advisory GLSA 201203-22 (nginx) File : nvt/glsa_201203_22.nasl |
| 2009-12-10 | Name : Fedora Core 12 FEDORA-2009-12750 (nginx) File : nvt/fcore_2009_12750.nasl |
| 2009-12-10 | Name : Fedora Core 10 FEDORA-2009-12775 (nginx) File : nvt/fcore_2009_12775.nasl |
| 2009-12-10 | Name : Fedora Core 11 FEDORA-2009-12782 (nginx) File : nvt/fcore_2009_12782.nasl |
| 2009-10-28 | Name : nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability File : nvt/nginx_36839.nasl |
| 2009-10-01 | Name : nginx WebDAV Multiple Directory Traversal Vulnerabilities File : nvt/nginx_36490.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-03-09 | Name: The remote web server is affected by a directory traversal vulnerability. File: nginx_0_7_63.nasl - Type: ACT_GATHER_INFO |
| 2012-06-21 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201203-22.nasl - Type: ACT_GATHER_INFO |
| 2009-12-08 | Name: The remote Fedora host is missing a security update. File: fedora_2009-12750.nasl - Type: ACT_GATHER_INFO |
| 2009-12-08 | Name: The remote Fedora host is missing a security update. File: fedora_2009-12775.nasl - Type: ACT_GATHER_INFO |
| 2009-12-08 | Name: The remote Fedora host is missing a security update. File: fedora_2009-12782.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The web server on the remote host is affected by multiple vulnerabilities. File: nginx_http_request_buffer_overflow.nasl - Type: ACT_GATHER_INFO |
