[Bug 803720] Re: nginx packages in hardy/hardy-backports allow null-byte vulnerability in certain configurations
Neal Poole
803720 at bugs.launchpad.net
Sat Aug 27 03:56:51 UTC 2011
FYI, the details have been published at
https://nealpoole.com/blog/2011/08/possible-arbitrary-code-execution-
with-null-bytes-php-and-old-versions-of-nginx/
Chinese hackers appear to be particularly interested in this
vulnerability. I would recommend trying to release a patched version
ASAP.
--
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/803720
Title:
nginx packages in hardy/hardy-backports allow null-byte vulnerability
in certain configurations
To manage notifications about this bug go to:
https://bugs.launchpad.net/hardy-backports/+bug/803720/+subscriptions
More information about the ubuntu-backports
mailing list