CVE-2009-3896 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

CVSS 5.0 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL
Tags: network, low complexity, f5, nginx, CWE-119, nessus

Summary

src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.

Vulnerable Configurations

Part          Description   Count
Application   F5            282
Application   Nginx         1

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-12782.NASL
    description:
      - Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.64-1
        - update to 0.7.64
      - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.63-1
        - update to 0.7.63
      - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.62-1
        - update to 0.7.62
        - fixes CVE-2009-2629
      - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.61-1
        - update to new stable 0.7.61
        - remove third-party module
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 43034
    published: 2009-12-08
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/43034
    title: Fedora 11 : nginx-0.7.64-1.fc11 (2009-12782)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2009-12782.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43034);
      script_version("1.18");
      script_cvs_date("Date: 2019/08/02 13:32:29");
    
      script_cve_id("CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896");
      script_bugtraq_id(36384, 36839, 36935);
      script_xref(name:"FEDORA", value:"2009-12782");
    
      script_name(english:"Fedora 11 : nginx-0.7.64-1.fc11 (2009-12782)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner
        dot org> - 0.7.64-1
    
        - update to 0.7.64
    
        - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at
          hinegardner dot org> - 0.7.63-1
    
        - update to 0.7.63
    
        - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at
          hinegardner dot org> - 0.7.62-1
    
        - update to 0.7.62
    
        - fixes CVE-2009-2629
    
        - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at
          hinegardner dot org> - 0.7.61-1
    
        - update to new stable 0.7.61
    
        - remove third-party module
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=539573"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032258.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?72595697"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected nginx package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(119, 310);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nginx");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/12/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/08");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^11([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 11.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC11", reference:"nginx-0.7.64-1.fc11")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nginx");
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-12750.NASL
    description:
      - Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.64-1
        - Update to new stable 0.7.64
      - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.63-1
        - Update to new stable 0.7.63
        - reinstate zlib dependency
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 43032
    published: 2009-12-08
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/43032
    title: Fedora 12 : nginx-0.7.64-1.fc12 (2009-12750)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2009-12750.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43032);
      script_version("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:29");
    
      script_cve_id("CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896");
      script_bugtraq_id(36384, 36839, 36935);
      script_xref(name:"FEDORA", value:"2009-12750");
    
      script_name(english:"Fedora 12 : nginx-0.7.64-1.fc12 (2009-12750)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner
        dot org> - 0.7.64-1
    
        - Update to new stable 0.7.64
    
        - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at
          hinegardner dot org> - 0.7.63-1
    
        - Update to new stable 0.7.63
    
        - reinstate zlib dependency
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=539573"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032237.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?72850b86"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected nginx package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(119, 310);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nginx");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:12");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/12/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/08");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^12([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 12.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC12", reference:"nginx-0.7.64-1.fc12")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nginx");
    }
    
  • NASL family: Web Servers
    NASL id: NGINX_HTTP_REQUEST_BUFFER_OVERFLOW.NASL
    description: The remote web server is running nginx, a lightweight, high performance web server / reverse proxy and email (IMAP/POP3) proxy. According to its Server response header, the installed version of nginx is affected by multiple vulnerabilities:
      - A remote buffer overflow attack related to its parsing of complex URIs.
      - A remote denial of service attack related to its parsing of HTTP request headers.
    last seen: 2020-05-09
    modified: 2009-09-24
    plugin id: 41608
    published: 2009-09-24
    reporter: This script is Copyright (C) 2009-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/41608
    title: nginx HTTP Request Multiple Vulnerabilities
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-12775.NASL
    description:
      - Fri Dec 4 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.64-1
        - update to 0.7.64
      - Thu Oct 29 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.63-1
        - update to 0.7.63
      - Mon Sep 14 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.62-1
        - update to 0.7.62
        - fixes CVE-2009-2629
      - Sun Aug 2 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.61-1
        - update to new stable 0.7.61
        - remove third-party module
      - Sat Apr 11 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> 0.6.36-1
        - update to 0.6.36
      - Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.35-3
        - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
      - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.35-2
        - rebuild
      - Thu Feb 19 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.35-1
        - update to 0.6.35
      - Sat Jan 17 2009 Tomas Mraz <tmraz at redhat.com> - 0.6.34-2
        - rebuild with new openssl
      - Tue Dec 30 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.34-1
        - update to 0.6.34
      - Thu Dec 4 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.6.33-2
        - Fix inclusion of /usr/share/nginx tree => no unowned directories.
      - Sun Nov 23 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.33-1
        - update to 0.6.33
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 43033
    published: 2009-12-08
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/43033
    title: Fedora 10 : nginx-0.7.64-1.fc10 (2009-12775)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201203-22.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201203-22 (nginx: Multiple vulnerabilities) Multiple vulnerabilities have been found in nginx: The TLS protocol does not properly handle session renegotiation requests (CVE-2009-3555). The
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59614
    published: 2012-06-21
    reporter: This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59614
    title: GLSA-201203-22 : nginx: Multiple vulnerabilities

Seebug

bulletinFamily: exploit
description:
BUGTRAQ ID: 36839
CVE(CAN) ID: CVE-2009-3896

nginx is a multi-platform HTTP server and mail proxy server.

The ngx_http_process_request_headers() function in the nginx server's src/http/ngx_http_parse.c file contains a NULL pointer dereference error. A remote attacker can trigger this vulnerability with an overly long URI, causing the worker process to crash.

Affected versions:
Igor Sysoev nginx 0.8.x
Igor Sysoev nginx 0.7.x
Igor Sysoev nginx 0.6.x
Igor Sysoev nginx 0.5.x
Igor Sysoev nginx 0.4.x

Vendor patch:

Debian
------
Debian has released a security advisory (DSA-1920-1) and corresponding patches for this issue:
DSA-1920-1: New nginx packages fix denial of service
Link: http://www.debian.org/security/2009/dsa-1920

Patch downloads:

Debian GNU/Linux 5.0 alias lenny
--------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Patch installation:

1. Install the patch package manually:

  First, download the patch package with the following command:
  # wget url (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Install the patch package automatically with apt-get:

  First, update the internal database with the following command:
  # apt-get update

  Then install the updated packages with the following command:
  # apt-get upgrade

id: SSV:14982
last seen: 2017-11-19
modified: 2009-11-27
published: 2009-11-27
reporter: Root
source: https://www.seebug.org/vuldb/ssvid-14982
title: nginx ngx_http_process_request_headers() function NULL pointer dereference denial of service vulnerability