ALT-PU-2016-1070-1
Closed vulnerabilities
BDU:2016-00707
Уязвимость прокси-сервера nginx, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2016-0742
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.
- openSUSE-SU-2016:0371
- openSUSE-SU-2016:0371
- [nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)
- [nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)
- 20210921 APPLE-SA-2021-09-20-4 Xcode 13
- 20210921 APPLE-SA-2021-09-20-4 Xcode 13
- DSA-3473
- DSA-3473
- 1034869
- 1034869
- USN-2892-1
- USN-2892-1
- RHSA-2016:1425
- RHSA-2016:1425
- https://bto.bluecoat.com/security-advisory/sa115
- https://bto.bluecoat.com/security-advisory/sa115
- https://bugzilla.redhat.com/show_bug.cgi?id=1302587
- https://bugzilla.redhat.com/show_bug.cgi?id=1302587
- GLSA-201606-06
- GLSA-201606-06
- https://support.apple.com/kb/HT212818
- https://support.apple.com/kb/HT212818
Modified: 2024-11-21
CVE-2016-0746
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.
- openSUSE-SU-2016:0371
- openSUSE-SU-2016:0371
- [nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)
- [nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)
- 20210921 APPLE-SA-2021-09-20-4 Xcode 13
- 20210921 APPLE-SA-2021-09-20-4 Xcode 13
- DSA-3473
- DSA-3473
- 1034869
- 1034869
- USN-2892-1
- USN-2892-1
- RHSA-2016:1425
- RHSA-2016:1425
- https://bto.bluecoat.com/security-advisory/sa115
- https://bto.bluecoat.com/security-advisory/sa115
- https://bugzilla.redhat.com/show_bug.cgi?id=1302588
- https://bugzilla.redhat.com/show_bug.cgi?id=1302588
- GLSA-201606-06
- GLSA-201606-06
- https://support.apple.com/kb/HT212818
- https://support.apple.com/kb/HT212818
Modified: 2024-11-21
CVE-2016-0747
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.
- openSUSE-SU-2016:0371
- openSUSE-SU-2016:0371
- [nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)
- [nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)
- 20210921 APPLE-SA-2021-09-20-4 Xcode 13
- 20210921 APPLE-SA-2021-09-20-4 Xcode 13
- DSA-3473
- DSA-3473
- 1034869
- 1034869
- USN-2892-1
- USN-2892-1
- RHSA-2016:1425
- RHSA-2016:1425
- https://bto.bluecoat.com/security-advisory/sa115
- https://bto.bluecoat.com/security-advisory/sa115
- https://bugzilla.redhat.com/show_bug.cgi?id=1302589
- https://bugzilla.redhat.com/show_bug.cgi?id=1302589
- GLSA-201606-06
- GLSA-201606-06
- https://support.apple.com/kb/HT212818
- https://support.apple.com/kb/HT212818