Denial of service in NginX

Posted on Posted in NginX

Decription: A problem was identified in nginx code responsible for saving client request body to a temporary file. A specially crafted request might result in worker process crash due to a NULL pointer dereference while writing client request body to a temporary file (CVE-2016-4450).

Changes:

Affected versions:

  • nginx 1.3.x
  • nginx 1.4.x
  • nginx 1.5.x
  • nginx 1.6.x
  • nginx 1.7.x
  • nginx 1.8.x
  • nginx 1.9.x
  • nginx 1.10.x
  • nginx 1.11.x

Recommended action:
Upgrade to the latest available NginX or apply patches if upgrade is not applicable.

Patch for nginx 1.9.13-1.11.0 can be found here: http://nginx.org/download/patch.2016.write.txt

Patch for older nginx versions (1.3.9 - 1.9.12): http://nginx.org/download/patch.2016.write2.txt

Origin URLs:

  • http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
  • http://www.securitylab.ru/vulnerability/482561.php
  • Leave a Reply

    Your email address will not be published. Required fields are marked *