Nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability Network Vulnerability

Summary

nginx is prone to a remote heap-based buffer-overflow vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Versions prior to nginx 1.0.10 are vulnerable.

Solution

Vendor updates are available. Please see the references for more information.

References

http://nginx.org/
http://trac.nginx.org/nginx/changeset/4268/nginx
http://www.nginx.org/en/CHANGES
http://www.securityfocus.com/bid/50710

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4315

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

IOServer Trailing Backslash Multiple Directory Traversal Vulnerabilities
IBM WebSphere Application Multiple Vulnerabilities Jul-11
Apache Tomcat Partial HTTP Requests DoS Vulnerability (Windows)
IBM WebSphere Application Server (WAS) Cross-site Scripting Vulnerability
IBM WebSphere Application Server JSF Application Information Disclosure Vulnerability

nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability

Take action and discover your vulnerabilities