DSA-1884 nginx -- buffer underflowID: oval:org.mitre.oval:def:7674 | Date: (C)2009-12-15 (M)2023-02-20 |
Class: PATCH | Family: unix |
Chris Ries discovered that nginx, a high-performance HTTP server, reverse proxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when processing certain HTTP requests. An attacker can use this to execute arbitrary code with the rights of the worker process (www-data on Debian) or possibly perform denial of service attacks by repeatedly crashing worker processes via a specially crafted URL in an HTTP request.
Platform: |
Debian 5.0 |
Debian 4.0 |