Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

nginx HTTP Request Header Remote Buffer Overflow



The remote web server is affected by a remote denial of service vulnerability.


The remote host is running a version of nginx web server earlier than 0.5.38, 0.6.39, or 0.7.62. Such versions are potentially affected by a remote denial of service vulnerability because the application fails to to perform adequate bounds checking in the 'ngx_http_process_request_headers()' function of the 'src/http/ngx_http_request.c' source file. An attacker, exploiting this flaw, can cause the web server to crash, or potentially run arbitrary code subject to the privileges of the web server process.


Apply the patch from the vendor, or upgrade to nginx 0.5.38, 0.6.39, or 0.7.62