diff options
author | Wesley Shields <wxs@FreeBSD.org> | 2009-09-14 19:48:49 +0000 |
---|---|---|
committer | Wesley Shields <wxs@FreeBSD.org> | 2009-09-14 19:48:49 +0000 |
commit | facff74f71d4634afce6f93a0dc1a90242d17da3 (patch) | |
tree | 4c81cfc2ccdd45a04625b09cdadbbdf8ad0a47b7 /security/vuxml/vuln.xml | |
parent | b828c456e9f374f918fd4ab7881927a6839c392b (diff) | |
download | ports-facff74f71d4634afce6f93a0dc1a90242d17da3.tar.gz ports-facff74f71d4634afce6f93a0dc1a90242d17da3.zip |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r-- | security/vuxml/vuln.xml | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 25544f1f2ab5..afb2ca566a38 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -35,6 +35,41 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="152b27f0-a158-11de-990c-e5b1d4c882e0"> + <topic>nginx -- remote denial of service vulnerability</topic> + <affects> + <package> + <name>nginx</name> + <range><lt>0.7.62</lt></range> + </package> + <package> + <name>nginx-devel</name> + <range><lt>0.8.15</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>nginx security advisory reports:</p> + <blockquote cite="http://nginx.net/CHANGES"> + <p>Chris Ries discovered that nginx, a high-performance HTTP server, + reverse proxy and IMAP/POP3 proxy server, is vulnerable to a buffer + underflow when processing certain HTTP requests. An attacker can + use this to execute arbitrary code with the rights of the worker + process or possibly perform denial of service attacks by repeatedly + crashing worker processes via a specially crafted URL in an HTTP + request.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2009-2629</cvename> + <url>http://nginx.net/CHANGES</url> + </references> + <dates> + <discovery>2009-09-14</discovery> + <entry>2009-09-14</entry> + </dates> + </vuln> <vuln vid="6e8f54af-a07d-11de-a649-000c2955660f"> <topic>ikiwiki -- insufficient blacklisting in teximg plugin</topic> <affects> |