Description

This alert was generated using only banner information. It may be a false positive.

Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.

Remediation

Upgrade nginx to the latest version.

References

nginx Homepage

CVE-2009-2629

Related Vulnerabilities

WordPress Plugin WP Review Unspecified Vulnerability (5.2.1)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6634)

WordPress Plugin Spotlight Social Feeds [Block, Shortcode, and Widget] Cross-Site Scripting (1.4.2)

Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-21027)

PrestaShop Incorrect Authorization Vulnerability (CVE-2020-5293)

Severity

High

Classification

CVE-2009-2629 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Buffer Overflow Missing Update