[CVE-2014-0133] SPDY Heap Buffer Overflow Vulnerability
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
nginx (Debian) |
Fix Released
|
Unknown
|
|||
nginx (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
This is CVE-2014-0133.
This is Debian Bug 742059.
------
This was the nginx announcement of this issue:
Hello!
A bug in the experimental SPDY implementation in nginx was found, which
might allow an attacker to cause a heap memory buffer overflow in a
worker process by using a specially crafted request, potentially
resulting in arbitrary code execution (CVE-2014-0133).
The problem affects nginx 1.3.15 - 1.5.11, compiled with the
ngx_http_
without --with-debug configure option, if the "spdy" option of the
"listen" directive is used in a configuration file.
The problem is fixed in nginx 1.5.12, 1.4.7.
Patch for the problem can be found here:
http://
Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr. Manuel
Sadosky, Buenos Aires, Argentina.
------
Trusty and Saucy are affected.
Related branches
CVE References
Changed in nginx (Debian): | |
status: | Unknown → Fix Released |
Key thing to check is if all binaries build with the --with-debug option. If they all build with it, then we are not vulnerable. (according to the Debian people)