NGINX buffer underflow security vulnerability

Debian安全团队发现nginx存在缓冲区下溢漏洞(CVE-2009-2629),攻击者可能利用此漏洞执行任意代码或进行拒绝服务攻击。Brightbox已发布更新版本0.6.39的nginx包来解决此安全问题。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

From the Debian Security team (CVE-2009-2629):

nginx … is vulnerable to a buffer underflow when processing certain HTTP requests. An attacker can use this to execute arbitrary code with the rights of the worker process or possibly perform denial of service attacks by repeatedly crashing worker processes via a specially crafted URL in an HTTP request.

New versions of our nginx packages that address this security vulnerability are now available. nginx 0.6.39 (with the fair balancer module) is available from the Brightbox apt repositories – running the following command will get you the latest version:

sudo apt-get update
sudo apt-get install nginx
Our more experimental nginx-brightbox package has also been upgraded to 0.6.39. This includes a number of nginx addons, such as the upload module, geoip module, and Phusion Passenger 2.0.5.
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值