nginx <= 1.3.13 Insecure Log Permissions
High Nessus Plugin ID 122612
SynopsisThe remote web server is affected by an information disclosure vulnerability.
DescriptionAccording to its Server response header, the installed version of nginx is prior to or equal to 1.3.13. It is, therefore, affected by a flaw related to creating and handling log files that allows information disclosure due to insecure filesystem permissions.
SolutionUpgrade to nginx 1.3.14 or later.