icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

nginx < 1.0.14 / 1.1.x < 1.1.17 Information-Disclosure

Medium

Synopsis

The remote web server is affected by an information disclosure vulnerability.

Description

The remote host is running a nginx HTTP server.

Versions earlier than 1.0.14(stable version) or versions earlier than 1.1.17(development version) are vulnerable to an information-disclosure vulnerability, when handling specially crafted HTTP responses. Attackers can exploit this issue to disclose the content of the previously freed memory. (CVE-2012-1180)

Solution

Upgrade to nginx 1.0.14(stable version) or 1.1.17(development version) or later.