Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability

by CIRT Team

Description: Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.

Impact: Attackers can exploit this issue to obtain sensitive information or may crash the application resulting in a denial-of-service condition.

Mitigation: Updates are available. Please check specific vendor advisory for more information.

Reference URL’s:

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7529
• http://www.securityfocus.com/bid/99534/info
• http://nginx.org/en/security_advisories.html
• http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html

CIRT Team

Recommended Posts

Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers

08 Feb 2024 - Articles, English articles, Security Advisories & Alerts

বাংলাদেশের আইটি কাঠামোয় তথ্য চুরির ম্যালওয়ারের বিস্তার সম্পর্কে সতর্কতা

18 Jan 2024 - Articles, Bangla Articles, News, Security Advisories & Alerts

সাইবার থ্রেট এলার্টঃ বাংলাদেশকে লক্ষ্য করে চলমান ফিশিং ক্যাম্পেইন

04 Jan 2024 - News, Security Advisories & Alerts