FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2013-2028

This CVE name corresponds to:

Entered Topic
2013-05-07 nginx -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2013-2028 at cve.mitre.org

Details

Type Candidate
Name CVE-2013-2028
Phase Assigned(20130219)

Description

The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.

References

Source Reference
MLIST [nginx-announce] 20130507 nginx security advisory (CVE-2013-2028)
MISC http://nginx.org/download/patch.2013.chunked.txt
MISC http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html
MISC http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/
MISC https://github.com/rapid7/metasploit-framework/pull/1834
FEDORA FEDORA-2013-7560
GENTOO GLSA-201310-04
OSVDB 93037
SECUNIA 55181

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.