nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability

Bugtraq ID: 63814
Class: Access Validation Error
CVE: CVE-2013-4547
Remote: Yes
Local: No
Published: Nov 19 2013 12:00AM
Updated: May 07 2015 05:10PM
Credit: Ivan Fratric of the Google Security Team
Vulnerable: SuSE WebYaST 1.3
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
SuSE Studio Onsite 1.3
SuSE Lifecycle Management Server 1.3
S.u.S.E. openSUSE 13.1
S.u.S.E. openSUSE 12.3
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Igor Sysoev nginx 1.5.6
Igor Sysoev nginx 1.4.1
Igor Sysoev nginx 1.3.9
Igor Sysoev nginx 1.3.1
Igor Sysoev nginx 1.3
Igor Sysoev nginx 1.2.1
Igor Sysoev nginx 1.2
Igor Sysoev nginx 1.1.17
Igor Sysoev nginx 1.0.14
Igor Sysoev nginx 1.0.10
Igor Sysoev nginx 1.0.9
Igor Sysoev nginx 1.0.8
Igor Sysoev nginx 0.8.42
Igor Sysoev nginx 0.8.41
Igor Sysoev nginx 1.1.19
Igor Sysoev nginx 1.0.15
IBM SmartCloud Provisioning 2.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Igor Sysoev nginx 1.5.7
Igor Sysoev nginx 1.4.4
IBM SmartCloud Provisioning 2.2


 

Privacy Statement
Copyright 2010, SecurityFocus