oss-sec mailing list archives

Re: Nginx ngx_http_close_connection function integer overflow - can anyone confirm this?

From: Alistair Crooks <agc () pkgsrc org>
Date: Fri, 26 Apr 2013 07:48:41 +0200

On Thu, Apr 25, 2013 at 11:36:17PM -0600, Kurt Seifried wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- From Bugtraq:

http://www.securityfocus.com/archive/1/526439/30/0/threaded

Website: http://safe3.com.cn


Is this legit?

I downloaded the index.html file with curl, and embedded around line 87
was a flash file:

<table width="930" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr><td>
<object type="application/x-shockwave-flash" data="/banner.swf?xml=/banner.xml" width="930" height="180">
<param name="movie" value="/banner.swf?xml=/banner.xml"/>
</object>
</td></tr>
<tr>

so I took it to be an attempt at phishing.

Maybe I'm just too paranoid in my old age?

Regards,
Alistair

Current thread:

Nginx ngx_http_close_connection function integer overflow - can anyone confirm this? Kurt Seifried (Apr 25)
- Re: Nginx ngx_http_close_connection function integer overflow - can anyone confirm this? Alistair Crooks (Apr 25)
  - Re: Nginx ngx_http_close_connection function integer overflow - can anyone confirm this? Andrew Alexeev (Apr 26)
    - Re: Nginx ngx_http_close_connection function integer overflow - can anyone confirm this? Shawn (Apr 27)
    - Re: Nginx ngx_http_close_connection function integer overflow - can anyone confirm this? Andrew Alexeev (Apr 29)