FreeBSD : nginx -- potential information leak (29194cb8-6e9f-11e1-8376-f0def16c5c1b)

high Nessus Plugin ID 58359

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

nginx development team reports :

Matthew Daley recently discovered a security problem which may lead to a disclosure of previously freed memory on specially crafted response from an upstream server, potentially resulting in sensitive information leak.

Solution

Update the affected packages.

See Also

http://nginx.org/en/CHANGES

http://www.nessus.org/u?3742e362

Plugin Details

Severity: High

ID: 58359

File Name: freebsd_pkg_29194cb86e9f11e18376f0def16c5c1b.nasl

Version: 1.6

Type: local

Published: 3/16/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:nginx, p-cpe:/a:freebsd:freebsd:nginx-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 3/15/2012

Vulnerability Publication Date: 3/15/2012