Integer overflow in nginx

22:45 06.05.2013

An integer overflow has been discovered in nginx.

Vulnerable versions: nginx 1.4.

The integer overflow leads to the possibility of code execution.

  • Nginx ngx_http_close_connection function integer overflow (details)
  • Re: Nginx ngx_http_close_connection function integer overflow (details)

2 responses to “Integer overflow in nginx”

  1. dev_zo says:

    IIRC, this has been verified by the vendor to be total BS. Think you’d want to check the email thread.

  2. MustLive says:

    dev_zo, thanks for info.

    I’ve read the original advisory and I had doubts about it. And according to Maxim Konovalov’s letter the developers also have doubts about it. So it can be total BS :-). But Vladimir published it at Securityvulns and different security web sites published it too, so I decided that people believed the source and posted it myself. I hope there will be official confirmation (or refutation) of this vulnerability.
