[Bug 1098654] Re: nginx vulnerable to MITM Attack [CVE-2011-4968]
Thomas Ward
teward at trekweb.org
Thu Sep 10 19:33:24 UTC 2015
Ubuntu Wily has a fix for this included as part of the 1.9.3-1ubuntu1
merge. The fix for this issue was introduced in nginx 1.7.0.
** Also affects: nginx (Ubuntu Wily)
Importance: Low
Status: Confirmed
** Changed in: nginx (Ubuntu Wily)
Status: Confirmed => Fix Released
** Description changed:
I am reporting this bug so there's a bug to track this in within
Launchpad. If/when a patch is approved upstream, this bug can be used
as a reference point in the changelog when SRU-ing the fix into older
releases.
Confirmed as Debian Bug 697940.
Confirmed as CVE-2011-4968.
This has already been added to the Ubuntu Security Team Tracker at
http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4968.html
Information as follows comes from the Debian Bug:
"When nginx is configured as a reverse proxy with an https origin server, it is vulnerable to a MITM attack, because it does not verify the certificate of the origin server.
This is upstream's bug https://trac.nginx.org/nginx/ticket/13, and also
CVE-2011-4968.
It appears to have been known for over a year, but the proposed patches
to resolve the problem appear to have never made it through the patch
review process in upstream."
+
+ Sept. 10, 2015: This was 'fixed' upstream in nginx 1.7.0, with a commit
+ landing upstream about 17 months ago. (see the changeset located at
+ https://trac.nginx.org/nginx/changeset/060c2e692b96a150b584b8e30d596be1f2defa9c/nginx
+ )
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1098654
Title:
nginx vulnerable to MITM Attack [CVE-2011-4968]
To manage notifications about this bug go to:
https://bugs.launchpad.net/nginx/+bug/1098654/+subscriptions
More information about the Ubuntu-server-bugs
mailing list