Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Nginx buffer underflow vulnerability - Vulnerability Database

Nginx buffer underflow vulnerability

Description

This alert was generated using only banner information. It may be a false positive.

Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.

Remediation

Upgrade nginx to the latest version.

References

nginx Homepage
CVE-2009-2629

Related Vulnerabilities

Apache version up to 1.3.33 htpasswd local overflow Low
Common tags: Buffer Overflow Missing Update
PHP POST file upload buffer overflow vulnerabilities High
Common tags: Buffer Overflow Missing Update
PHP version older than 5.2.1 High
Common tags: Buffer Overflow Missing Update
PHP HTML entity encoder heap overflow vulnerability High
Common tags: Buffer Overflow Missing Update
Apache mod_rewrite off-by-one buffer overflow vulnerability High
Common tags: Buffer Overflow Missing Update

Severity

High

Classification

CVE-2009-2629
CWE-119
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Buffer Overflow
Missing Update