ID de Prueba:	1.3.6.1.4.1.25623.1.0.802052
Categoría:	Buffer overflow
Título:	Nginx Chunked Transfer Encoding Stack Based Buffer Overflow Vulnerability
Resumen:	Nginx is prone to a stack based buffer overflow vulnerability.
Descripción:	Summary: Nginx is prone to a stack based buffer overflow vulnerability. Vulnerability Insight: A stack-based buffer overflow will occur in a worker process while handling certain chunked transfer encoding requests. Vulnerability Impact: Successful exploitation will let the remote unauthenticated attackers to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. Affected Software/OS: Nginx version 1.3.9 through 1.4.0 Solution: Upgrade to Nginx version 1.5.0, 1.4.1 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2028 BugTraq ID: 59699 http://www.securityfocus.com/bid/59699 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html http://security.gentoo.org/glsa/glsa-201310-04.xml http://nginx.org/download/patch.2013.chunked.txt http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/ https://github.com/rapid7/metasploit-framework/pull/1834 http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html http://www.osvdb.org/93037 http://secunia.com/advisories/55181
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.