Test ID:	1.3.6.1.4.1.25623.1.0.100275
Category:	Web Servers
Title:	nginx WebDAV Multiple Directory Traversal Vulnerabilities
Summary:	nginx is prone to multiple directory-traversal; vulnerabilities because the software fails to sufficiently sanitize user-supplied input.
Description:	Summary: nginx is prone to multiple directory-traversal vulnerabilities because the software fails to sufficiently sanitize user-supplied input. Vulnerability Impact: An attacker can exploit these issues using directory-traversal strings ('../') to overwrite arbitrary files outside the root directory. Affected Software/OS: These issues affect nginx 0.7.61 and 0.7.62, other versions may also be affected. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 4.9 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3898 http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0379.html http://security.gentoo.org/glsa/glsa-201203-22.xml http://www.openwall.com/lists/oss-security/2009/11/20/1 http://marc.info/?l=oss-security&m=125897327321676&w=2 http://marc.info/?l=oss-security&m=125897425223039&w=2 http://marc.info/?l=oss-security&m=125900327409842&w=2 http://www.openwall.com/lists/oss-security/2009/11/23/10 http://secunia.com/advisories/36818 http://secunia.com/advisories/48577
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.