Security Portal

Intrusion Prevention Service

 
Signature Version: 4.982

 



WEB Nginx ngx_http_parse_chunked Buffer Overflow -1 (CVE-2013-2028)
 
Threat Level: High
Release Date: 2013/5/14
 
Category: Buffer Overflow
Signature ID: 1057664
Included In:
Affected OS: Windows, Linux, FreeBSD, Solaris, Other Unix, Mac OS
 
Description: A stack buffer overflow vulnerability has been reported in Nginx. The vulnerability is due to insufficient validation of chunked data in the ngx_http_parse_chunked() function.
 
Impact: Remote code execution
Recommendation: Update vendor's patch.
 
False Positive: None
False Negative: Sightly
 
Additional Information (Links open in new window):
Reference(s): CVE-2013-2028; CVE-2013-4322
 

Search the Threat Database
Enter Rule ID or Name