Showing 1 - 4 of 4

CVE-2016-4450

Status Candidate

Overview

os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.

Related Files

Red Hat Security Advisory 2016-1425-01: Posted Jul 14, 2016; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2016-1425-01 - Nginx is a web and proxy server with a focus on high concurrency, performance, and low memory usage. The following packages have been upgraded to a newer upstream version: rh-nginx18-nginx. Security Fix: A NULL pointer dereference flaw was found in the nginx code responsible for saving client request body to a temporary file. A remote attacker could send a specially crafted request that would cause nginx worker process to crash.; tags | advisory, remote, web; systems | linux, redhat; advisories | CVE-2016-0742, CVE-2016-0746, CVE-2016-0747, CVE-2016-4450; SHA-256 | 9fcd8d112d10abaef25aeda680eb55de09f14a8ddc7a322ba0951f7a1c8d2fc6; Download | Favorite | View

Gentoo Linux Security Advisory 201606-06: Posted Jun 17, 2016; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201606-6 - Multiple vulnerabilities have been found in nginx, the worst of which may allow a remote attacker to cause a Denial of Service. Versions less than 1.10.1 are affected.; tags | advisory, remote, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2016-0742, CVE-2016-0746, CVE-2016-0747, CVE-2016-4450; SHA-256 | 349be5f178a7ffd3a0cdb33c99ffc6c5cd0d4399feee2ba5f8af5d80fe024bb6; Download | Favorite | View

Ubuntu Security Notice USN-2991-1: Posted Jun 2, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2991-1 - It was discovered that nginx incorrectly handled saving client request bodies to temporary files. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2016-4450; SHA-256 | 7b76181d9ee7767473b5043115eb685538577b078986740e6f047b3c64a9826a; Download | Favorite | View

Debian Security Advisory 3592-1: Posted Jun 1, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3592-1 - It was discovered that a NULL pointer dereference in the Nginx code responsible for saving client request bodies to a temporary file might processes.; tags | advisory; systems | linux, debian; advisories | CVE-2016-4450; SHA-256 | 02cf83827d28ed0185f384fd43ea855491aaff4cd89c0c7854b6f96491871ad4; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 317 files
Ubuntu 66 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 10 files
nu11secur1ty 8 files
Google Security Research 6 files
Milad Karimi 6 files
Yevhenii Butenko 4 files
Jann Horn 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,025)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,477)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,700)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,478)
UNIX (9,394)
UnixWare (187)
Windows (6,653)
Other

CVE-2016-4450

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems