Summary
This host is running nginx and is prone to arbitrary code execution vulnerability.
Impact
Successful exploitation will allow remote attackers to execution arbitrary code.
Impact Level: Application
Solution
Upgrade to nginx 0.7.66 or 0.7.38 or later,
For updates refer to http://nginx.org
Insight
The null bytes are allowed in URIs by default (their presence is indicated via a variable named zero_in_uri defined in ngx_http_request.h). Individual modules have the ability to opt-out of handling URIs with null bytes.
Affected
nginx versions 0.5.x, 0.6.x, 0.7.x to 0.7.65 and 0.8.x to 0.8.37
References
Updated on 2017-03-28