Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 17 Nov 2011 08:58:34 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: nginx resolver heap overflow

On 11/17/2011 08:37 AM, Kurt Seifried wrote:
> On 11/16/2011 10:50 PM, Ben Hawkes wrote:
>> Hi,
>>
>> The nginx team have released stable version 1.0.10, which includes a fix 
>> for a heap overflow bug in the custom DNS resolver:
>>
>> http://trac.nginx.org/nginx/changeset/4268/nginx
>>
>> The resolver is most commonly used with the proxy and fastcgi modules,
>> which are not enabled by default.
>>
>> In order to trigger this condition an attacker would need to be in
>> control of an upstream resolver host, or be in a position to brute-force
>> the weakly generated 16-bit transaction identifier.
>>
>> Thanks,
>> Ben Hawkes
> Do you need a CVE # for this issue?
>
And this is why coffee is a popular morning drink (and Kurt should have
some =).

Please use CVE-2011-4315 for this issue.

-- 

-Kurt Seifried / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ