Summary
The 'nginx' program is prone to a vulnerability that may allow attackers to spoof domains because the software fails to properly compare domains when referencing an internal DNS cache.
This issue can be exploited when nginx is configured to act as a forward proxy, but this is a nonstandard and unsupported configuration. Attacks against other configurations may also be possible.
Successful exploits may allow remote attackers to intercept traffic intended for legitimate websites, which may aid in further attacks.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- AOLServer Terminal Escape Sequence in Logs Command Injection Vulnerability
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 01 - March 2011
- IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
- Authentication bypassing in Lotus Domino
- GoAhead WebServer Script Source Code Disclosure