Description

This alert was generated using only banner information. It may be a false positive.

Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.

Remediation

Upgrade nginx to the latest version.

References

nginx Homepage

CVE-2009-2629

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5266)

Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-41414)

WordPress Plugin Facebook, Twitter & Google+ Social Widgets Multiple Vulnerabilities (1.3.7)

WordPress Plugin Float to Top Button Cross-Site Scripting (2.3.6)

WordPress Plugin HTTP Headers Multiple Vulnerabilities (1.9.1)

Severity

High

Classification

CVE-2009-2629 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Buffer Overflow Missing Update