Test Kennung:	1.3.6.1.4.1.25623.1.0.117009
Kategorie:	Web Servers
Titel:	nginx 1.5.10 'ngx_http_spdy_module' RCE Vulnerability
Zusammenfassung:	nginx is prone to a remote code execution (RCE) vulnerability in; the ngx_http_spdy_module module.
Beschreibung:	Summary: nginx is prone to a remote code execution (RCE) vulnerability in the ngx_http_spdy_module module. Vulnerability Insight: A bug in the experimental SPDY implementation in nginx was found, which might allow an attacker to corrupt worker process memory by using a specially crafted request, potentially resulting in arbitrary code execution. Affected Software/OS: The problem only affects nginx 1.5.10 on 32-bit platforms, compiled with the ngx_http_spdy_module module (which is not compiled by default), if the 'spdy' option of the 'listen' directive is used in a configuration file. Solution: Update to version 1.5.11 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0088 http://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html http://www.securitytracker.com/id/1030150
Copyright	Copyright (C) 2020 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.