Here's the page we think you wanted. See search results instead:

Toggle Menu

Chat Live

Confirm Your Country or Area

Please Confirm

Confirm your country to access relevant pricing, special offers, events, and contact information.

What are you looking for?

MXG Signal Generator UXA Signal Analyzer UXM for Wi-Fi 7 PXA Signal Analyzer Find a solution Get technical support Take a class Find us at events Premium used equipment KeysightCare Buy online

No product matches found - System Exception

Nginx HTTP request Buffer Underflow and Denial of Service

Strike ID:

E09-51101

CVSS:

7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

False Positive:

Variants:

Year:

2009

Description

This strike exploits a buffer underflow vulnerability in the nginx HTTP server. The underflow can occur when parsing HTTP requests that contain directory traversals. When a "../" sequence occurs, the code does not validate all cases where the parent directory search starts from the root directory. If the request begins with the string "/%23../" "//../", or "/%3F../", the code will search for the "/" character backwards in the heap memory. If found, the data following the request will then be copied to the heap space after it, corrupting memory and potentially terminating the http server.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2629

Welcome

What are you looking for?

Nginx HTTP request Buffer Underflow and Denial of Service

Description

CVE

Bid