Summary
The 'nginx' program is prone to a vulnerability that may allow attackers to spoof domains because the software fails to properly compare domains when referencing an internal DNS cache.
This issue can be exploited when nginx is configured to act as a forward proxy, but this is a nonstandard and unsupported configuration. Attacks against other configurations may also be possible.
Successful exploits may allow remote attackers to intercept traffic intended for legitimate websites, which may aid in further attacks.
References