2 відповідей на “Цілочислене переповнення в nginx”
Leave a Reply
You must be logged in to post a comment.
Виявлене цілочислене переповнення в nginx.
Уразливі версії: nginx 1.4.
Цілочислене переповнення приводить до можливості виконання коду.
This entry was posted on 22:45 06.05.2013 and is filed under Новини, Помилки. You can follow any responses to this entry through the RSS 2.0 feed.
You must be logged in to post a comment.
Copyright © 2006-2023 MustLive. Усі права захищені.
Партнер проекту Websecurity.com.ua - веб проект mlfun.org.ua.
Вівторок, 13:42 07.05.2013
IIRC, this has been verified by the vendor to be total BS. Think you’d want to check the email thread.
Вівторок, 20:09 07.05.2013
dev_zo, thanks for info.
I’ve read original advisory and I had doubts about it. And according to Maxim Konovalov’s letter the developers also have doubts about it. So it can be total BS . But Vladimir published it at Securityvulns and different security web sites published it too, so I decided that people believed the source and posted it by myself. I hope there will be official confirmation (or refutation) of this vulnerability.