vulnerability

Alpine Linux: CVE-2016-0747: nginx Mutiples vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Feb 15, 2016	Aug 30, 2017	Jan 8, 2018

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Feb 15, 2016

Added

Aug 30, 2017

Modified

Jan 8, 2018

Description

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.

Solution

alpine-linux-upgrade-nginx

References

ALPINE-5052
ALPINE-5053
CVE-2016-0747
https://attackerkb.com/topics/CVE-2016-0747
DEBIAN-DSA-3473
REDHAT-RHSA-2016:1425

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today