Detections
Analytics

nginx < 1.4.7 / 1.5.12 SPDY Heap Buffer Overflow

medium Nessus Plugin ID 73519

Language:

Synopsis

The remote web server is affected by a heap buffer overflow vulnerability.

Description

According to the self-reported version in the server response header, the installed 1.3.x version of nginx is 1.3.15 or higher, or 1.4.x prior to 1.4.7, or 1.5.x prior to 1.5.12. It is, therefore, affected by a heap buffer overflow vulnerability.

A flaw exists with the SPDY protocol implementation where user input is not properly validated. This could allow a remote attacker to cause a heap-based buffer overflow, causing a denial of service or potential arbitrary code execution.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the patch manually or upgrade to nginx 1.4.7 / 1.5.12 or later.

See Also

http://nginx.org/en/security_advisories.html

http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html

http://nginx.org/download/patch.2014.spdy2.txt

http://nginx.org/en/CHANGES-1.4

http://nginx.org/en/CHANGES

Plugin Details

Severity: Medium

ID: 73519

File Name: nginx_1_5_12.nasl

Version: 1.12

Type: combined

Agent: unix

Family: Web Servers

Published: 4/15/2014

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5.1

Temporal Score: 3.8

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2014-0133

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:nginx:nginx

Required KB Items: installed_sw/nginx

Exploit Ease: No known exploits are available

Patch Publication Date: 3/18/2014

Vulnerability Publication Date: 3/18/2014

Reference Information

CVE: CVE-2014-0133

BID: 66537