nginx < 1.6.2 / 1.7.5 SSL Session Reuse

Medium Nessus Plugin ID 78386


Synopsis

The remote web server is affected by an SSL session handling vulnerability.


Description

According to the self-reported version in the server response header, the version of nginx installed on the remote host is 0.5.6 or higher, 1.6.x prior to 1.6.2, or 1.7.x prior to 1.7.5. It is, therefore, affected by an SSL session or TLS session ticket key handling error. A flaw exists in the file 'event/ngx_event_openssl.c' that could allow a remote attacker to obtain sensitive information or to take control of a session.

Note that this issue only affects servers having multiple 'server{}' configurations sharing the same values for 'ssl_session_cache' or 'ssl_session_ticket_key'.


Solution

Upgrade to nginx 1.6.2 / 1.7.5 or later.

Plugin Details

Severity: Medium

ID: 78386

File Name: nginx_1_7_5.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Web Servers

Published: 2014/10/13

Modified: 2018/01/26

Dependencies: 106375

Risk Information

Risk Factor: Medium


CVSS v2.0

Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


CVSS v3.0

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/a:igor_sysoev:nginx

Required KB Items: Settings/ParanoidReport, installed_sw/nginx

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/09/16

Vulnerability Publication Date: 2014/08/06

Reference Information

CVE: CVE-2014-3616

BID: 70025

OSVDB: 111637