Nginx WebDAV Multiple Directory Traversal Vulnerabilities Network Vulnerability

Summary

The 'nginx' program is prone to multiple directory-traversal vulnerabilities because the software fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues using directory-traversal strings ('../') to overwrite arbitrary files outside the root directory. These issues affect nginx 0.7.61 and 0.7.62 other versions may also be affected.

References

http://nginx.net/
http://www.securityfocus.com/archive/1/506662
http://www.securityfocus.com/bid/36490

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3898
CVSS Base Score: 4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N

Related Vulnerabilities

IOServer Trailing Backslash Multiple Directory Traversal Vulnerabilities
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
Apache HTTP Server 'mod_dav_svn' Denial of Service Vulnerability (Windows)
Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability
Acritum Femitter Server 1.03 Multiple Remote Vulnerabilities

nginx WebDAV Multiple Directory Traversal Vulnerabilities

Take action and discover your vulnerabilities