nginx URI Parsing Vulnerability

Last Update Date: 20 Nov 2013 10:35 Release Date: 20 Nov 2013 4220 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability has been identified in nginx. A remote user can bypass security restrictions.

A remote user can supply a specially crafted request containing an unescaped space character to potentially bypass security restrictions.

Impact

Security Restriction Bypass

System / Technologies affected

Versions 0.8.41 - 1.5.6

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendor has issued a fix (1.4.4, 1.5.7).

Vulnerability Identifier

CVE-2013-4547

Source

SecurityTracker

Related Link

http://securitytracker.com/id/1029363

Share with

Google Chrome Multiple Vulnerabilities

18 Nov 2013 3949 Views

Mozilla Firefox / Seamonkey Multiple Vulnerabilities

20 Nov 2013 3904 Views