[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] nginx security advisory (CVE-2013-2028)
From: Solar Designer <solar () openwall ! com>
Date: 2013-05-22 8:46:18
Message-ID: 20130522084618.GA5003 () openwall ! com
[Download RAW message or body]
On Tue, May 07, 2013 at 05:44:36AM -0700, Andrew Alexeev wrote:
> Greg MacManus, of iSIGHT Partners Labs, found a security problem
> in several recent versions of nginx. A stack-based buffer
> overflow might occur in a worker process while handling a
> specially crafted request, potentially resulting in arbitrary code
> execution (CVE-2013-2028).
A recent blog post on the topic:
"Analysis of nginx 1.3.9/1.4.0 stack buffer overflow and x64
exploitation (CVE-2013-2028)"
http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/
Alexander
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic