[Bug 803720] Re: nginx packages in hardy/hardy-backports allow null-byte vulnerability in certain configurations

Neal Poole 803720 at bugs.launchpad.net
Sat Aug 27 03:56:51 UTC 2011


FYI, the details have been published at
https://nealpoole.com/blog/2011/08/possible-arbitrary-code-execution-
with-null-bytes-php-and-old-versions-of-nginx/

Chinese hackers appear to be particularly interested in this
vulnerability. I would recommend trying to release a patched version
ASAP.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/803720

Title:
  nginx packages in hardy/hardy-backports allow null-byte vulnerability
  in certain configurations

To manage notifications about this bug go to:
https://bugs.launchpad.net/hardy-backports/+bug/803720/+subscriptions



More information about the ubuntu-backports mailing list