Denial of Service : nginx 1.1.4 <= 1.2.8 / 1.3.0 <= 1.4.0 DoS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.150667

Categoría: Denial of Service

Título: nginx 1.1.4 <= 1.2.8 / 1.3.0 <= 1.4.0 DoS Vulnerability

Resumen: nginx is prone to denial of service (DoS) vulnerability when; proxy_pass is used with untrusted HTTP servers.

Descripción: Summary:
nginx is prone to denial of service (DoS) vulnerability when
proxy_pass is used with untrusted HTTP servers.

Vulnerability Insight:
Please see the references for more information on the vulnerabilities.

Affected Software/OS:
nginx version 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0.

Solution:
Update to version 1.2.9, 1.4.1, 1.5.0 or later.

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-2070
55181
http://secunia.com/advisories/55181
59824
http://www.securityfocus.com/bid/59824
DSA-2721
http://www.debian.org/security/2013/dsa-2721
FEDORA-2013-8182
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html
GLSA-201310-04
http://security.gentoo.org/glsa/glsa-201310-04.xml
[nginx-announce] 20130513 nginx security advisory (CVE-2013-2070)
http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
[oss-security] 20130507 Re: nginx security advisory (CVE-2013-2028)
http://seclists.org/oss-sec/2013/q2/291
[oss-security] 20130513 nginx security advisory (CVE-2013-2070)
http://www.openwall.com/lists/oss-security/2013/05/13/3
http://nginx.org/download/patch.2013.proxy.txt
https://bugzilla.redhat.com/show_bug.cgi?id=962525
nginx-cve20132070-dos(84172)
https://exchange.xforce.ibmcloud.com/vulnerabilities/84172

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.150667
Categoría:	Denial of Service
Título:	nginx 1.1.4 <= 1.2.8 / 1.3.0 <= 1.4.0 DoS Vulnerability
Resumen:	nginx is prone to denial of service (DoS) vulnerability when; proxy_pass is used with untrusted HTTP servers.
Descripción:	Summary: nginx is prone to denial of service (DoS) vulnerability when proxy_pass is used with untrusted HTTP servers. Vulnerability Insight: Please see the references for more information on the vulnerabilities. Affected Software/OS: nginx version 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0. Solution: Update to version 1.2.9, 1.4.1, 1.5.0 or later. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2070 55181 http://secunia.com/advisories/55181 59824 http://www.securityfocus.com/bid/59824 DSA-2721 http://www.debian.org/security/2013/dsa-2721 FEDORA-2013-8182 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html GLSA-201310-04 http://security.gentoo.org/glsa/glsa-201310-04.xml [nginx-announce] 20130513 nginx security advisory (CVE-2013-2070) http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html [oss-security] 20130507 Re: nginx security advisory (CVE-2013-2028) http://seclists.org/oss-sec/2013/q2/291 [oss-security] 20130513 nginx security advisory (CVE-2013-2070) http://www.openwall.com/lists/oss-security/2013/05/13/3 http://nginx.org/download/patch.2013.proxy.txt https://bugzilla.redhat.com/show_bug.cgi?id=962525 nginx-cve20132070-dos(84172) https://exchange.xforce.ibmcloud.com/vulnerabilities/84172
Copyright	Copyright (C) 2021 Greenbone Networks GmbH