7.5 - VU#180065

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Nginx ngx_http_parse_complex_uri() buffer underflow vulnerability

Informations
Name	VU#180065	First vendor Publication	2009-09-15
Vendor	VU-CERT	Last vendor Modification	2009-09-15
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#180065

Nginx ngx_http_parse_complex_uri() buffer underflow vulnerability

Overview

A vulnerability in the nginx web server may allow remote attackers to execute arbitrary code on an affected system.

I. Description

nginx is an HTTP server and mail proxy server that is available for a number of different platforms. A buffer underflow vulnerability exists in the ngx_http_parse_complex_uri() function when handling specially crafted URIs. Exploitation of this vulnerability would cause the nginx server to write data contained in the URI to heap memory before the allocated buffer.

II. Impact

As with a number of other web servers, nginx is designed to operate with a single privileged master process and multiple unprivileged worker processes handling specific requests. A remote, unauthenticated attacker may be able to execute arbitrary code in the context of the worker process or cause the worker process to crash, resulting in a denial of service.

III. Solution

Upgrade or apply a patch

Updated versions of the nginx package have been released to address this issue. Users should consult the Systems Affected section of this document for information about specific vendors.

Systems Affected

Vendor	Status	Date Notified	Date Updated
Apple Inc.	Unknown	2009-09-05	2009-09-06
Conectiva Inc.	Unknown	2009-09-05	2009-09-06
Cray Inc.	Unknown	2009-09-05	2009-09-06
Debian GNU/Linux	Vulnerable	2009-09-05	2009-09-14
DragonFly BSD Project	Unknown	2009-09-05	2009-09-06
EMC Corporation	Unknown	2009-09-05	2009-09-06
Engarde Secure Linux	Unknown	2009-09-05	2009-09-06
F5 Networks, Inc.	Unknown	2009-09-05	2009-09-06
Fedora Project	Unknown	2009-09-05	2009-09-06
FreeBSD, Inc.	Unknown	2009-09-05	2009-09-06
Fujitsu	Unknown	2009-09-05	2009-09-06
Gentoo Linux	Unknown	2009-09-05	2009-09-06
Hewlett-Packard Company	Unknown	2009-09-05	2009-09-06
Hitachi	Unknown	2009-09-05	2009-09-06
IBM Corporation	Unknown	2009-09-05	2009-09-06
IBM eServer	Unknown	2009-09-05	2009-09-06
Infoblox	Unknown	2009-09-05	2009-09-06
Juniper Networks, Inc.	Unknown	2009-09-05	2009-09-06
Mandriva S. A.	Unknown	2009-09-05	2009-09-06
MontaVista Software, Inc.	Unknown	2009-09-05	2009-09-06
NEC Corporation	Unknown	2009-09-05	2009-09-06
NetBSD	Unknown	2009-09-05	2009-09-06
nginx	Vulnerable		2009-09-15
Nokia	Unknown	2009-09-05	2009-09-06
Novell, Inc.	Unknown	2009-09-05	2009-09-06
OpenBSD	Unknown	2009-09-05	2009-09-06
Openwall GNU/*/Linux	Unknown	2009-09-05	2009-09-06
QNX Software Systems Inc.	Unknown	2009-09-05	2009-09-06
Red Hat, Inc.	Unknown	2009-09-05	2009-09-06
SafeNet	Unknown	2009-09-05	2009-09-06
Silicon Graphics, Inc.	Unknown	2009-09-05	2009-09-06
Slackware Linux Inc.	Unknown	2009-09-05	2009-09-06
Sony Corporation	Unknown	2009-09-05	2009-09-06
Sun Microsystems, Inc.	Not Vulnerable	2009-09-05	2009-09-09
SUSE Linux	Not Vulnerable	2009-09-05	2009-09-08
The SCO Group	Not Vulnerable	2009-09-05	2009-09-08
Turbolinux	Unknown	2009-09-05	2009-09-06
Ubuntu	Unknown	2009-09-05	2009-09-06
Unisys	Unknown	2009-09-05	2009-09-06
Wind River Systems, Inc.	Unknown	2009-09-05	2009-09-06

References

Credit

Thanks to Chris Ries of the Carnegie Mellon University Information Security Office for reporting this vulnerability.

This document was written by Chad R Dougherty.

Other Information

Date Public:	2009-09-14
Date First Published:	2009-09-15
Date Last Updated:	2009-09-15
CERT Advisory:
CVE-ID(s):	CVE-2009-2629
NVD-ID(s):	CVE-2009-2629
US-CERT Technical Alerts:
Metric:	4.22
Document Revision:	8

Original Source

Url : http://www.kb.cert.org/vuls/id/180065

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-787	Out-of-bounds Write (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13138

Oval ID:	oval:org.mitre.oval:def:13138
Title:	DSA-1884-1 nginx -- buffer underflow
Description:	Chris Ries discovered that nginx, a high-performance HTTP server, reverse proxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when processing certain HTTP requests. An attacker can use this to execute arbitrary code with the rights of the worker process or possibly perform denial of service attacks by repeatedly crashing worker processes via a specially crafted URL in an HTTP request. For the oldstable distribution, this problem has been fixed in version 0.4.13-2+etch2. For the stable distribution, this problem has been fixed in version 0.6.32-3+lenny2. For the testing distribution, this problem will be fixed soon. For the unstable distribution, this problem has been fixed in version 0.7.61-3. We recommend that you upgrade your nginx packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1884-1 CVE-2009-2629	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	nginx
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Supported architectures section Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND nginx DPKG is earlier than 0.6.32-3+lenny2 OR Release section Debian GNU/Linux 4.0 is installed. AND nginx DPKG is earlier than 0.4.13-2+etch2

Definition Id: oval:org.mitre.oval:def:7674

Oval ID:	oval:org.mitre.oval:def:7674
Title:	DSA-1884 nginx -- buffer underflow
Description:	Chris Ries discovered that nginx, a high-performance HTTP server, reverse proxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when processing certain HTTP requests. An attacker can use this to execute arbitrary code with the rights of the worker process (www-data on Debian) or possibly perform denial of service attacks by repeatedly crashing worker processes via a specially crafted URL in an HTTP request.
Family:	unix	Class:	patch
Reference(s):	DSA-1884 CVE-2009-2629	Version:	3
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	nginx
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND nginx is earlier than 0.6.32-3+lenny2 OR Release section Debian GNU/Linux 4.0 is installed. AND nginx is earlier than 0.4.13-2+etch2

CPE : Common Platform Enumeration

Type	Description	Count
Application	f5 Nginx cpe:2.3:a:f5:nginx:0.8.9:::::::* cpe:2.3:a:f5:nginx:0.8.8:::::::* cpe:2.3:a:f5:nginx:0.8.7:::::::* cpe:2.3:a:f5:nginx:0.8.6:::::::* cpe:2.3:a:f5:nginx:0.8.5:::::::* cpe:2.3:a:f5:nginx:0.8.4:::::::* cpe:2.3:a:f5:nginx:0.8.3:::::::* cpe:2.3:a:f5:nginx:0.8.2:::::::* cpe:2.3:a:f5:nginx:0.8.14:::::::* cpe:2.3:a:f5:nginx:0.8.13:::::::* cpe:2.3:a:f5:nginx:0.8.12:::::::* cpe:2.3:a:f5:nginx:0.8.11:::::::* cpe:2.3:a:f5:nginx:0.8.10:::::::* cpe:2.3:a:f5:nginx:0.8.1:::::::* cpe:2.3:a:f5:nginx:0.8.0:::::::* cpe:2.3:a:f5:nginx:0.7.9:::::::* cpe:2.3:a:f5:nginx:0.7.8:::::::* cpe:2.3:a:f5:nginx:0.7.7:::::::* cpe:2.3:a:f5:nginx:0.7.69:::::::* cpe:2.3:a:f5:nginx:0.7.68:::::::* cpe:2.3:a:f5:nginx:0.7.67:::::::* cpe:2.3:a:f5:nginx:0.7.66:::::::* cpe:2.3:a:f5:nginx:0.7.65:::::::* cpe:2.3:a:f5:nginx:0.7.64:::::::* cpe:2.3:a:f5:nginx:0.7.63:::::::* cpe:2.3:a:f5:nginx:0.7.62:::::::* cpe:2.3:a:f5:nginx:0.7.61:::::::* cpe:2.3:a:f5:nginx:0.7.60:::::::* cpe:2.3:a:f5:nginx:0.7.6:::::::* cpe:2.3:a:f5:nginx:0.7.59:::::::* cpe:2.3:a:f5:nginx:0.7.58:::::::* cpe:2.3:a:f5:nginx:0.7.57:::::::* cpe:2.3:a:f5:nginx:0.7.56:::::::* cpe:2.3:a:f5:nginx:0.7.55:::::::* cpe:2.3:a:f5:nginx:0.7.54:::::::* cpe:2.3:a:f5:nginx:0.7.53:::::::* cpe:2.3:a:f5:nginx:0.7.52:::::::* cpe:2.3:a:f5:nginx:0.7.51:::::::* cpe:2.3:a:f5:nginx:0.7.50:::::::* cpe:2.3:a:f5:nginx:0.7.5:::::::* cpe:2.3:a:f5:nginx:0.7.49:::::::* cpe:2.3:a:f5:nginx:0.7.48:::::::* cpe:2.3:a:f5:nginx:0.7.47:::::::* cpe:2.3:a:f5:nginx:0.7.46:::::::* cpe:2.3:a:f5:nginx:0.7.45:::::::* cpe:2.3:a:f5:nginx:0.7.44:::::::* cpe:2.3:a:f5:nginx:0.7.43:::::::* cpe:2.3:a:f5:nginx:0.7.42:::::::* cpe:2.3:a:f5:nginx:0.7.41:::::::* cpe:2.3:a:f5:nginx:0.7.40:::::::* cpe:2.3:a:f5:nginx:0.7.4:::::::* cpe:2.3:a:f5:nginx:0.7.39:::::::* cpe:2.3:a:f5:nginx:0.7.38:::::::* cpe:2.3:a:f5:nginx:0.7.37:::::::* cpe:2.3:a:f5:nginx:0.7.36:::::::* cpe:2.3:a:f5:nginx:0.7.35:::::::* cpe:2.3:a:f5:nginx:0.7.34:::::::* cpe:2.3:a:f5:nginx:0.7.33:::::::* cpe:2.3:a:f5:nginx:0.7.32:::::::* cpe:2.3:a:f5:nginx:0.7.31:::::::* cpe:2.3:a:f5:nginx:0.7.30:::::::* cpe:2.3:a:f5:nginx:0.7.3:::::::* cpe:2.3:a:f5:nginx:0.7.29:::::::* cpe:2.3:a:f5:nginx:0.7.28:::::::* cpe:2.3:a:f5:nginx:0.7.27:::::::* cpe:2.3:a:f5:nginx:0.7.26:::::::* cpe:2.3:a:f5:nginx:0.7.25:::::::* cpe:2.3:a:f5:nginx:0.7.24:::::::* cpe:2.3:a:f5:nginx:0.7.23:::::::* cpe:2.3:a:f5:nginx:0.7.22:::::::* cpe:2.3:a:f5:nginx:0.7.21:::::::* cpe:2.3:a:f5:nginx:0.7.20:::::::* cpe:2.3:a:f5:nginx:0.7.2:::::::* cpe:2.3:a:f5:nginx:0.7.19:::::::* cpe:2.3:a:f5:nginx:0.7.18:::::::* cpe:2.3:a:f5:nginx:0.7.17:::::::* cpe:2.3:a:f5:nginx:0.7.16:::::::* cpe:2.3:a:f5:nginx:0.7.15:::::::* cpe:2.3:a:f5:nginx:0.7.14:::::::* cpe:2.3:a:f5:nginx:0.7.13:::::::* cpe:2.3:a:f5:nginx:0.7.12:::::::* cpe:2.3:a:f5:nginx:0.7.11:::::::* cpe:2.3:a:f5:nginx:0.7.10:::::::* cpe:2.3:a:f5:nginx:0.7.1:::::::* cpe:2.3:a:f5:nginx:0.7.0:::::::* cpe:2.3:a:f5:nginx:0.6.9:::::::* cpe:2.3:a:f5:nginx:0.6.8:::::::* cpe:2.3:a:f5:nginx:0.6.7:::::::* cpe:2.3:a:f5:nginx:0.6.6:::::::* cpe:2.3:a:f5:nginx:0.6.5:::::::* cpe:2.3:a:f5:nginx:0.6.4:::::::* cpe:2.3:a:f5:nginx:0.6.39:::::::* cpe:2.3:a:f5:nginx:0.6.38:::::::* cpe:2.3:a:f5:nginx:0.6.37:::::::* cpe:2.3:a:f5:nginx:0.6.36:::::::* cpe:2.3:a:f5:nginx:0.6.35:::::::* cpe:2.3:a:f5:nginx:0.6.34:::::::* cpe:2.3:a:f5:nginx:0.6.33:::::::* cpe:2.3:a:f5:nginx:0.6.32:::::::* cpe:2.3:a:f5:nginx:0.6.31:::::::* cpe:2.3:a:f5:nginx:0.6.30:::::::* cpe:2.3:a:f5:nginx:0.6.3:::::::* cpe:2.3:a:f5:nginx:0.6.29:::::::* cpe:2.3:a:f5:nginx:0.6.28:::::::* cpe:2.3:a:f5:nginx:0.6.27:::::::* cpe:2.3:a:f5:nginx:0.6.26:::::::* cpe:2.3:a:f5:nginx:0.6.25:::::::* cpe:2.3:a:f5:nginx:0.6.24:::::::* cpe:2.3:a:f5:nginx:0.6.23:::::::* cpe:2.3:a:f5:nginx:0.6.22:::::::* cpe:2.3:a:f5:nginx:0.6.21:::::::* cpe:2.3:a:f5:nginx:0.6.20:::::::* cpe:2.3:a:f5:nginx:0.6.2:::::::* cpe:2.3:a:f5:nginx:0.6.19:::::::* cpe:2.3:a:f5:nginx:0.6.18:::::::* cpe:2.3:a:f5:nginx:0.6.17:::::::* cpe:2.3:a:f5:nginx:0.6.16:::::::* cpe:2.3:a:f5:nginx:0.6.15:::::::* cpe:2.3:a:f5:nginx:0.6.14:::::::* cpe:2.3:a:f5:nginx:0.6.13:::::::* cpe:2.3:a:f5:nginx:0.6.12:::::::* cpe:2.3:a:f5:nginx:0.6.11:::::::* cpe:2.3:a:f5:nginx:0.6.10:::::::* cpe:2.3:a:f5:nginx:0.6.1:::::::* cpe:2.3:a:f5:nginx:0.6.0:::::::* cpe:2.3:a:f5:nginx:0.5.9:::::::* cpe:2.3:a:f5:nginx:0.5.8:::::::* cpe:2.3:a:f5:nginx:0.5.7:::::::* cpe:2.3:a:f5:nginx:0.5.6:::::::* cpe:2.3:a:f5:nginx:0.5.5:::::::* cpe:2.3:a:f5:nginx:0.5.4:::::::* cpe:2.3:a:f5:nginx:0.5.38:::::::* cpe:2.3:a:f5:nginx:0.5.37:::::::* cpe:2.3:a:f5:nginx:0.5.36:::::::* cpe:2.3:a:f5:nginx:0.5.35:::::::* cpe:2.3:a:f5:nginx:0.5.34:::::::* cpe:2.3:a:f5:nginx:0.5.33:::::::* cpe:2.3:a:f5:nginx:0.5.32:::::::* cpe:2.3:a:f5:nginx:0.5.31:::::::* cpe:2.3:a:f5:nginx:0.5.30:::::::* cpe:2.3:a:f5:nginx:0.5.3:::::::* cpe:2.3:a:f5:nginx:0.5.29:::::::* cpe:2.3:a:f5:nginx:0.5.28:::::::* cpe:2.3:a:f5:nginx:0.5.27:::::::* cpe:2.3:a:f5:nginx:0.5.26:::::::* cpe:2.3:a:f5:nginx:0.5.25:::::::* cpe:2.3:a:f5:nginx:0.5.24:::::::* cpe:2.3:a:f5:nginx:0.5.23:::::::* cpe:2.3:a:f5:nginx:0.5.22:::::::* cpe:2.3:a:f5:nginx:0.5.21:::::::* cpe:2.3:a:f5:nginx:0.5.20:::::::* cpe:2.3:a:f5:nginx:0.5.2:::::::* cpe:2.3:a:f5:nginx:0.5.19:::::::* cpe:2.3:a:f5:nginx:0.5.18:::::::* cpe:2.3:a:f5:nginx:0.5.17:::::::* cpe:2.3:a:f5:nginx:0.5.16:::::::* cpe:2.3:a:f5:nginx:0.5.15:::::::* cpe:2.3:a:f5:nginx:0.5.14:::::::* cpe:2.3:a:f5:nginx:0.5.13:::::::* cpe:2.3:a:f5:nginx:0.5.12:::::::* cpe:2.3:a:f5:nginx:0.5.11:::::::* cpe:2.3:a:f5:nginx:0.5.10:::::::* cpe:2.3:a:f5:nginx:0.5.1:::::::* cpe:2.3:a:f5:nginx:0.5.0:::::::* cpe:2.3:a:f5:nginx:0.4.9:::::::* cpe:2.3:a:f5:nginx:0.4.8:::::::* cpe:2.3:a:f5:nginx:0.4.7:::::::* cpe:2.3:a:f5:nginx:0.4.6:::::::* cpe:2.3:a:f5:nginx:0.4.5:::::::* cpe:2.3:a:f5:nginx:0.4.4:::::::* cpe:2.3:a:f5:nginx:0.4.3:::::::* cpe:2.3:a:f5:nginx:0.4.2:::::::* cpe:2.3:a:f5:nginx:0.4.14:::::::* cpe:2.3:a:f5:nginx:0.4.13:::::::* cpe:2.3:a:f5:nginx:0.4.12:::::::* cpe:2.3:a:f5:nginx:0.4.11:::::::* cpe:2.3:a:f5:nginx:0.4.10:::::::* cpe:2.3:a:f5:nginx:0.4.1:::::::* cpe:2.3:a:f5:nginx:0.4.0:::::::* cpe:2.3:a:f5:nginx:0.3.9:::::::* cpe:2.3:a:f5:nginx:0.3.8:::::::* cpe:2.3:a:f5:nginx:0.3.7:::::::* cpe:2.3:a:f5:nginx:0.3.61:::::::* cpe:2.3:a:f5:nginx:0.3.60:::::::* cpe:2.3:a:f5:nginx:0.3.6:::::::* cpe:2.3:a:f5:nginx:0.3.59:::::::* cpe:2.3:a:f5:nginx:0.3.58:::::::* cpe:2.3:a:f5:nginx:0.3.57:::::::* cpe:2.3:a:f5:nginx:0.3.56:::::::* cpe:2.3:a:f5:nginx:0.3.55:::::::* cpe:2.3:a:f5:nginx:0.3.54:::::::* cpe:2.3:a:f5:nginx:0.3.53:::::::* cpe:2.3:a:f5:nginx:0.3.52:::::::* cpe:2.3:a:f5:nginx:0.3.51:::::::* cpe:2.3:a:f5:nginx:0.3.50:::::::* cpe:2.3:a:f5:nginx:0.3.5:::::::* cpe:2.3:a:f5:nginx:0.3.49:::::::* cpe:2.3:a:f5:nginx:0.3.48:::::::* cpe:2.3:a:f5:nginx:0.3.47:::::::* cpe:2.3:a:f5:nginx:0.3.46:::::::* cpe:2.3:a:f5:nginx:0.3.45:::::::* cpe:2.3:a:f5:nginx:0.3.44:::::::* cpe:2.3:a:f5:nginx:0.3.43:::::::* cpe:2.3:a:f5:nginx:0.3.42:::::::* cpe:2.3:a:f5:nginx:0.3.41:::::::* cpe:2.3:a:f5:nginx:0.3.40:::::::* cpe:2.3:a:f5:nginx:0.3.4:::::::* cpe:2.3:a:f5:nginx:0.3.39:::::::* cpe:2.3:a:f5:nginx:0.3.38:::::::* cpe:2.3:a:f5:nginx:0.3.37:::::::* cpe:2.3:a:f5:nginx:0.3.36:::::::* cpe:2.3:a:f5:nginx:0.3.35:::::::* cpe:2.3:a:f5:nginx:0.3.34:::::::* cpe:2.3:a:f5:nginx:0.3.33:::::::* cpe:2.3:a:f5:nginx:0.3.32:::::::* cpe:2.3:a:f5:nginx:0.3.31:::::::* cpe:2.3:a:f5:nginx:0.3.30:::::::* cpe:2.3:a:f5:nginx:0.3.3:::::::* cpe:2.3:a:f5:nginx:0.3.29:::::::* cpe:2.3:a:f5:nginx:0.3.28:::::::* cpe:2.3:a:f5:nginx:0.3.27:::::::* cpe:2.3:a:f5:nginx:0.3.26:::::::* cpe:2.3:a:f5:nginx:0.3.25:::::::* cpe:2.3:a:f5:nginx:0.3.24:::::::* cpe:2.3:a:f5:nginx:0.3.23:::::::* cpe:2.3:a:f5:nginx:0.3.22:::::::* cpe:2.3:a:f5:nginx:0.3.21:::::::* cpe:2.3:a:f5:nginx:0.3.20:::::::* cpe:2.3:a:f5:nginx:0.3.2:::::::* cpe:2.3:a:f5:nginx:0.3.19:::::::* cpe:2.3:a:f5:nginx:0.3.18:::::::* cpe:2.3:a:f5:nginx:0.3.17:::::::* cpe:2.3:a:f5:nginx:0.3.16:::::::* cpe:2.3:a:f5:nginx:0.3.15:::::::* cpe:2.3:a:f5:nginx:0.3.14:::::::* cpe:2.3:a:f5:nginx:0.3.13:::::::* cpe:2.3:a:f5:nginx:0.3.12:::::::* cpe:2.3:a:f5:nginx:0.3.11:::::::* cpe:2.3:a:f5:nginx:0.3.10:::::::* cpe:2.3:a:f5:nginx:0.3.1:::::::* cpe:2.3:a:f5:nginx:0.3.0:::::::* cpe:2.3:a:f5:nginx:0.2.6:::::::* cpe:2.3:a:f5:nginx:0.2.5:::::::* cpe:2.3:a:f5:nginx:0.2.4:::::::* cpe:2.3:a:f5:nginx:0.2.3:::::::* cpe:2.3:a:f5:nginx:0.2.2:::::::* cpe:2.3:a:f5:nginx:0.2.1:::::::* cpe:2.3:a:f5:nginx:0.2.0:::::::* cpe:2.3:a:f5:nginx:0.1.9:::::::* cpe:2.3:a:f5:nginx:0.1.8:::::::* cpe:2.3:a:f5:nginx:0.1.7:::::::* cpe:2.3:a:f5:nginx:0.1.6:::::::* cpe:2.3:a:f5:nginx:0.1.5:::::::* cpe:2.3:a:f5:nginx:0.1.45:::::::* cpe:2.3:a:f5:nginx:0.1.44:::::::* cpe:2.3:a:f5:nginx:0.1.43:::::::* cpe:2.3:a:f5:nginx:0.1.42:::::::* cpe:2.3:a:f5:nginx:0.1.41:::::::* cpe:2.3:a:f5:nginx:0.1.40:::::::* cpe:2.3:a:f5:nginx:0.1.4:::::::* cpe:2.3:a:f5:nginx:0.1.39:::::::* cpe:2.3:a:f5:nginx:0.1.38:::::::* cpe:2.3:a:f5:nginx:0.1.37:::::::* cpe:2.3:a:f5:nginx:0.1.36:::::::* cpe:2.3:a:f5:nginx:0.1.35:::::::* cpe:2.3:a:f5:nginx:0.1.34:::::::* cpe:2.3:a:f5:nginx:0.1.33:::::::* cpe:2.3:a:f5:nginx:0.1.32:::::::* cpe:2.3:a:f5:nginx:0.1.31:::::::* cpe:2.3:a:f5:nginx:0.1.30:::::::* cpe:2.3:a:f5:nginx:0.1.3:::::::* cpe:2.3:a:f5:nginx:0.1.29:::::::* cpe:2.3:a:f5:nginx:0.1.28:::::::* cpe:2.3:a:f5:nginx:0.1.27:::::::* cpe:2.3:a:f5:nginx:0.1.26:::::::* cpe:2.3:a:f5:nginx:0.1.25:::::::* cpe:2.3:a:f5:nginx:0.1.24:::::::* cpe:2.3:a:f5:nginx:0.1.23:::::::* cpe:2.3:a:f5:nginx:0.1.22:::::::* cpe:2.3:a:f5:nginx:0.1.21:::::::* cpe:2.3:a:f5:nginx:0.1.20:::::::* cpe:2.3:a:f5:nginx:0.1.2:::::::* cpe:2.3:a:f5:nginx:0.1.19:::::::* cpe:2.3:a:f5:nginx:0.1.18:::::::* cpe:2.3:a:f5:nginx:0.1.17:::::::* cpe:2.3:a:f5:nginx:0.1.16:::::::* cpe:2.3:a:f5:nginx:0.1.15:::::::* cpe:2.3:a:f5:nginx:0.1.14:::::::* cpe:2.3:a:f5:nginx:0.1.13:::::::* cpe:2.3:a:f5:nginx:0.1.12:::::::* cpe:2.3:a:f5:nginx:0.1.11:::::::* cpe:2.3:a:f5:nginx:0.1.10:::::::* cpe:2.3:a:f5:nginx:0.1.1:::::::* cpe:2.3:a:f5:nginx:0.1.0:::::::* cpe:2.3:a:f5:nginx:r2::::open_source_subscription::: cpe:2.3:a:f5:nginx:r1::::open_source_subscription::: cpe:2.3:a:f5:nginx::::::::	297
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:6.0:::::::* cpe:2.3:o:debian:debian_linux:5.0:::::::* cpe:2.3:o:debian:debian_linux:4.0:::::::*	3
Os	Fedoraproject Fedora cpe:2.3:o:fedoraproject:fedora:12:::::::* cpe:2.3:o:fedoraproject:fedora:11:::::::* cpe:2.3:o:fedoraproject:fedora:10:::::::*	3

OpenVAS Exploits

Date	Description
2010-11-18	Name : nginx HTTP Request Remote Buffer Overflow Vulnerability File : nvt/gb_nginx_http_request_bof_vuln.nasl
2009-12-10	Name : Fedora Core 12 FEDORA-2009-12750 (nginx) File : nvt/fcore_2009_12750.nasl
2009-12-10	Name : Fedora Core 10 FEDORA-2009-12775 (nginx) File : nvt/fcore_2009_12775.nasl
2009-12-10	Name : Fedora Core 11 FEDORA-2009-12782 (nginx) File : nvt/fcore_2009_12782.nasl
2009-10-01	Name : nginx HTTP Request Remote Buffer Overflow Vulnerability File : nvt/nginx_36384.nasl
2009-09-21	Name : Fedora Core 11 FEDORA-2009-9630 (nginx) File : nvt/fcore_2009_9630.nasl
2009-09-21	Name : Fedora Core 10 FEDORA-2009-9652 (nginx) File : nvt/fcore_2009_9652.nasl
2009-09-21	Name : Gentoo Security Advisory GLSA 200909-18 (nginx) File : nvt/glsa_200909_18.nasl
2009-09-15	Name : Debian Security Advisory DSA 1884-1 (nginx) File : nvt/deb_1884_1.nasl
2009-09-15	Name : FreeBSD Ports: nginx File : nvt/freebsd_nginx.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
58128	nginx ngx_http_parse_complex_uri() Function Underflow The vulnerability is caused due to an error in the processing of URLs within the "ngx_http_parse_complex_uri()" function. This can be exploited to cause a buffer underflow via a specially crafted request and may allow execution of arbitrary code.

Snort® IPS/IDS

Date	Description
2014-01-10	nginx URI parsing buffer overflow attempt RuleID : 17528 - Revision : 10 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date	Description
2010-02-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1884.nasl - Type : ACT_GATHER_INFO
2009-12-08	Name : The remote Fedora host is missing a security update. File : fedora_2009-12750.nasl - Type : ACT_GATHER_INFO
2009-12-08	Name : The remote Fedora host is missing a security update. File : fedora_2009-12775.nasl - Type : ACT_GATHER_INFO
2009-12-08	Name : The remote Fedora host is missing a security update. File : fedora_2009-12782.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The web server on the remote host is affected by multiple vulnerabilities. File : nginx_http_request_buffer_overflow.nasl - Type : ACT_GATHER_INFO
2009-09-21	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200909-18.nasl - Type : ACT_GATHER_INFO
2009-09-16	Name : The remote Fedora host is missing a security update. File : fedora_2009-9630.nasl - Type : ACT_GATHER_INFO
2009-09-16	Name : The remote Fedora host is missing a security update. File : fedora_2009-9652.nasl - Type : ACT_GATHER_INFO
2009-09-15	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_152b27f0a15811de990ce5b1d4c882e0.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-05-26 13:24:11	Multiple Updates
2013-09-09 21:21:59	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	2
CPE ID(s)	303
osvdb(s)	1
Openvas Exploit(s)	10
Snort® Rule(s)	1
Nessus® Exploit(s)	9

	Related
7.5	CVE-2009-2629
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)