Test Kennung:	1.3.6.1.4.1.25623.1.0.802052
Kategorie:	Buffer overflow
Titel:	Nginx Chunked Transfer Encoding Stack Based Buffer Overflow Vulnerability
Zusammenfassung:	The host is running Nginx and is prone stack buffer overflow vulnerability.
Beschreibung:	Summary: The host is running Nginx and is prone stack buffer overflow vulnerability. Vulnerability Insight: A stack-based buffer overflow will occur in a worker process while handling certain chunked transfer encoding requests. Vulnerability Impact: Successful exploitation will let the remote unauthenticated attackers to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. Affected Software/OS: Nginx version 1.3.9 through 1.4.0 Solution: Upgrade to Nginx version 1.5.0, 1.4.1 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2028 BugTraq ID: 59699 http://www.securityfocus.com/bid/59699 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html http://security.gentoo.org/glsa/glsa-201310-04.xml http://nginx.org/download/patch.2013.chunked.txt http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/ https://github.com/rapid7/metasploit-framework/pull/1834 http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html http://www.osvdb.org/93037 http://secunia.com/advisories/55181
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.