Sunday, May 30, 2021

Ubuntu: USN-4967-1 (CVE-2021-23017): nginx vulnerability

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-4967-1:Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code.
  • ubuntu-upgrade-nginx
  • ubuntu-upgrade-nginx-common
  • ubuntu-upgrade-nginx-core
  • ubuntu-upgrade-nginx-extras
  • ubuntu-upgrade-nginx-full
  • ubuntu-upgrade-nginx-light

  • References
  • USN-4967-1
  • CVE-2021-23017


    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated