nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
References
Link | Resource |
---|---|
http://english.securitylab.ru/lab/PT-2012-06 | Mitigation Third Party Advisory |
http://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html | Mitigation Vendor Advisory |
http://nginx.org/en/security_advisories.html | Vendor Advisory |
http://english.securitylab.ru/lab/PT-2012-06 | Mitigation Third Party Advisory |
http://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html | Mitigation Vendor Advisory |
http://nginx.org/en/security_advisories.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://english.securitylab.ru/lab/PT-2012-06 - Mitigation, Third Party Advisory | |
References | () http://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html - Mitigation, Vendor Advisory | |
References | () http://nginx.org/en/security_advisories.html - Vendor Advisory |
10 Nov 2021, 15:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:nginx:nginx:1.3.0:*:*:*:*:*:*:* |
cpe:2.3:a:f5:nginx:1.3.0:*:*:*:*:*:*:* cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:* |
Information
Published : 2012-07-26 19:55
Updated : 2024-11-21 01:33
NVD link : CVE-2011-4963
Mitre link : CVE-2011-4963
CVE.ORG link : CVE-2011-4963
JSON object : View
Products Affected
microsoft
- windows
f5
- nginx
CWE