Nginx.DNS.Resolver.Off-by-One.Heap.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in nginx HTTP Server.
This is due to an off-by-one error in ngx_resolver_copy() function. A remote attacker can exploit this vulnerability by sending specially crafted packets to the target server. Successful exploitation can lead to Denial-of-Service and likely remote code execution
Affected Products
nginx HTTP Server 0.6.18 through 1.20.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-11-08 | 18.192 | Default_action:pass:drop |
2021-10-27 | 18.186 | Sig Added |
2021-08-24 | 18.145 |