Computer Security
[EN] securityvulns.ru no-pyccku


nginx information leakage
Published:17.03.2012
Source:
SecurityVulns ID:12252
Type:remote
Threat Level:
6/10
Description:Invalid server response can lead to server memory content disclosure.
Affected:NGINX : nginx 1.0
CVE:CVE-2012-1180 (Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.)
Original documentdocumentsecurity-bulletin_(at)_nginx.com, nginx fix for malformed HTTP responses from upstream servers (17.03.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod