Detections
Analytics

GLSA-200909-18 : nginx: Remote execution of arbitrary code

high Nessus Plugin ID 41022

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200909-18 (nginx: Remote execution of arbitrary code)

 Chris Ries reported a heap-based buffer underflow in the ngx_http_parse_complex_uri() function in http/ngx_http_parse.c when parsing the request URI.
 Impact :

 A remote attacker might send a specially crafted request URI to a nginx server, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the server, or a Denial of Service. NOTE: By default, nginx runs as the 'nginx' user.
 Workaround :

 There is no known workaround at this time.

Solution

All nginx 0.5.x users should upgrade to the latest version:
 # emerge --sync # emerge --ask --oneshot --verbose '>=www-servers/nginx-0.5.38' All nginx 0.6.x users should upgrade to the latest version:
 # emerge --sync # emerge --ask --oneshot --verbose '>=www-servers/nginx-0.6.39' All nginx 0.7.x users should upgrade to the latest version:
 # emerge --sync # emerge --ask --oneshot --verbose '>=www-servers/nginx-0.7.62'

See Also

https://security.gentoo.org/glsa/200909-18

Plugin Details

Severity: High

ID: 41022

File Name: gentoo_GLSA-200909-18.nasl

Version: 1.14

Type: local

Published: 9/21/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:nginx, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/18/2009

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2009-2629

CWE: 119

GLSA: 200909-18