FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nginx -- Request line parsing vulnerability

Affected packages
0.8.41 <= nginx < 1.4.4,1
0.8.41 <= nginx-devel < 1.5.7

Details

VuXML ID 94b6264a-5140-11e3-8b22-f0def16c5c1b
Discovery 2013-11-19
Entry 2013-11-19

The nginx project reports:

Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request, or might have potential other impact (CVE-2013-4547).

References

CVE Name CVE-2013-4547
URL http://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html