Vulnerabilities are the prime gateways of cyber crimes. Even though it is a small bug, it can be a big weapon of criminals. Three vulnerabilities have been found in Nginx web server that could provide opportunities for the attackers to exploit.
Flaws Found in Different Versions: These flaws are identified in Nginx versions between 0.6.18 and 1.9.9 where the resolver directive is used in the configuration file. An invalid pointer dereference, Use-after-free condition and CNAME resolution flaws, found in Ngnix server, are not much severe, but it can lead to cyber threat. In order to avoid the attacks, you can upgrade to the latest Nginx version 1.9.10 and 1.8.1.
Types of Flaws: As mentioned above, Ngnix Resolver holds three flaws: An invalid pointer dereference, Use-after-free condition and CNAME resolution.
- An invalid pointer dereference: This happens, while DNS server responds, enabling attackers to forge UDP packets from the DNS server to affect worker process crash. Apart from this, there are lots of impacts your website will have.
- Use-after-free condition: User-after-free condition may occur during CNAME response process. It allows attackers to trigger name resolution to cause worker process crash.
- CNAME resolution: The last flaw is Cname resolution that is insufficiently limited where an attacker can trigger arbitrary name resolution that leads to an excessive resource consumption in worker processes.
As per Nginx Security advisory, these problems affect only Nginx 0.6.18 and 1.9.9, if resolver directive is used in the configuration file.
Non-Security Flaws: Apart from these, there are few non security bugs have been discovered in Ngnix server. Nginx version 1.9.10, which is advisable to upgrade, has fixed the issue where the proxy_protocol parameter of the listen directive was not working properly. The other problem was that upstream servers cached incorrectly when using the Keepalive directive, which was fixed in version 1.9.10.
After version 1.7.11 introduced, few problems appeared which prevent Ngnix from starting on different old Linux variants. Version 1.8.1 has come up with the resolution of this problem.
Version 1.8.1 also fixed the issue that was appearing in a worker process, if the alias directives and try file were used inside a location. Other bugs were also fixed.
Recently, Nginx released its flagship product Ngnix Plus R8 that carries a lot of features and it has also improved HTML5 video caching features, HTTP2 capabilities and OAuth authentication. So, if you are running your websites on Nginx server, upgrade it as soon as possible. We, at DoWebScan, are also providing modules of vulnerability test and Penetration test with advanced features to keep your websites secured.