Description

This alert was generated using only banner information. It may be a false positive.

Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.

Remediation

Upgrade nginx to the latest version.

References

nginx Homepage

CVE-2009-2629

Related Vulnerabilities

WordPress Plugin NextGEN Gallery-WordPress Gallery Remote Code Execution (2.1.59)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5268)

Drupal Other Vulnerability (CVE-2006-1226)

Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.3.21.1)

Severity

High

Classification

CVE-2009-2629 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Buffer Overflow Missing Update