This host is running nginx and is prone to arbitrary code execution vulnerability.
Successful exploitation will allow remote attackers to execution arbitrary code. Impact Level: Application
Upgrade to nginx 0.7.66 or 0.7.38 or later, For updates refer to http://nginx.org
The null bytes are allowed in URIs by default (their presence is indicated via a variable named zero_in_uri defined in ngx_http_request.h). Individual modules have the ability to opt-out of handling URIs with null bytes.
nginx versions 0.5.x, 0.6.x, 0.7.x to 0.7.65 and 0.8.x to 0.8.37
Updated on 2017-03-28
- Lotus Domino administration databases
- Apache Traffic Server Synthetic Health Checks Remote DoS Vulnerability
- ModSecurity Multiple Remote Denial of Service Vulnerabilities
- Serva32 Directory Traversal and Denial of Service Vulnerabilities
- Ezhometech Ezserver Long 'GET' Request Stack Overflow Vulnerability