A vulnerability in the nginx web server may allow remote attackers to execute arbitrary code on an affected system.
nginx is an HTTP server and mail proxy server that is available for a number of different platforms. A buffer underflow vulnerability exists in the ngx_http_parse_complex_uri() function when handling specially crafted URIs. Exploitation of this vulnerability would cause the nginx server to write data contained in the URI to heap memory before the allocated buffer.
As with a number of other web servers, nginx is designed to operate with a single privileged master process and multiple unprivileged worker processes handling specific requests. A remote, unauthenticated attacker may be able to execute arbitrary code in the context of the worker process or cause the worker process to crash, resulting in a denial of service.
Upgrade or apply a patch
Updated versions of the nginx package have been released to address this issue. Users should consult the Systems Affected section of this document for information about specific vendors.
Debian GNU/Linux Affected
Gentoo Linux Affected
SUSE Linux Not Affected
Sun Microsystems, Inc. Not Affected
The SCO Group Not Affected
Apple Inc. Unknown
Conectiva Inc. Unknown
Cray Inc. Unknown
DragonFly BSD Project Unknown
EMC Corporation Unknown
Engarde Secure Linux Unknown
F5 Networks, Inc. Unknown
Fedora Project Unknown
FreeBSD, Inc. Unknown
Hewlett-Packard Company Unknown
IBM Corporation Unknown
IBM eServer Unknown
Juniper Networks, Inc. Unknown
Mandriva S. A. Unknown
MontaVista Software, Inc. Unknown
NEC Corporation Unknown
Novell, Inc. Unknown
Openwall GNU/*/Linux Unknown
QNX Software Systems Inc. Unknown
Red Hat, Inc. Unknown
Silicon Graphics, Inc. Unknown
Slackware Linux Inc. Unknown
Sony Corporation Unknown
Wind River Systems, Inc. Unknown
Thanks to Chris Ries of the Carnegie Mellon University Information Security Office for reporting this vulnerability.
This document was written by Chad R Dougherty.
|Date First Published:||2009-09-15|
|Date Last Updated:||2009-09-21 19:50 UTC|