ALT-PU-2014-1517-1
Closed vulnerabilities
Published: 2014-03-28
BDU:2015-00636
Уязвимость программного обеспечения nginx, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: MEDIUM (5.1)
References:
Published: 2013-11-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2013-4547
nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.
Severity: HIGH (7.5)
References:
- SUSE-SU-2013:1895
- SUSE-SU-2013:1895
- openSUSE-SU-2013:1745
- openSUSE-SU-2013:1745
- openSUSE-SU-2013:1791
- openSUSE-SU-2013:1791
- openSUSE-SU-2013:1792
- openSUSE-SU-2013:1792
- [nginx-announce] 20131119 nginx security advisory (CVE-2013-4547)
- [nginx-announce] 20131119 nginx security advisory (CVE-2013-4547)
- 55757
- 55757
- 55822
- 55822
- 55825
- 55825
- DSA-2802
- DSA-2802
Published: 2014-03-28
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-0133
Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request.
Severity: HIGH (7.5)
References:
Closed bugs
[FR] WebM MIME type
CVE-2013-4547 в nginx
При обновлении затирается файл /etc/nginx/sites-available.d/default.conf
Забыли stat.xsl
CVE-2014-0133