Nginx stack-based buffer overflow

Description
  • Greg MacManus, of iSIGHT Partners Labs, found a security problem in several recent versions of nginx. A stack-based buffer overflow might occur in a worker process while handling a specially crafted request, potentially resulting in arbitrary code execution (CVE-2013-2028).<br/> <br/> The problem affects nginx <strong><span class="bb-dark">1.3.9 - 1.4.0</strong></span>. <br/> The problem is fixed in nginx <strong><span class="bb-dark">1.5.0, 1.4.1</strong></span>.
Remediation
  • Patch for the problem can be found here: <br/> http://nginx.org/download/patch.2013.chunked.txt<br/> <br/> As a temporary workaround the following configuration can be used in each server{} block:<br/> <pre> if ($http_transfer_encoding ~* chunked) { return 444; } </pre>
References