FreeBSD : nginx -- Request line parsing vulnerability (94b6264a-5140-11e3-8b22-f0def16c5c1b)

High Nessus Plugin ID 70965


The remote FreeBSD host is missing one or more security-related updates.


The nginx project reports :

Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request, or might have potential other impact (CVE-2013-4547).


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 70965

File Name: freebsd_pkg_94b6264a514011e38b22f0def16c5c1b.nasl

Version: $Revision: 1.3 $

Type: local

Published: 2013/11/20

Modified: 2013/11/26

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:nginx, p-cpe:/a:freebsd:freebsd:nginx-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2013/11/19

Vulnerability Publication Date: 2013/11/19

Reference Information

CVE: CVE-2013-4547