Published: 15/06/2010 Updated: 10/11/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

nginx 0.8 prior to 0.8.40 and 0.7 prior to 0.7.66, when running on Windows, allows remote malicious users to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.

Vulnerable Product	Search on Vulmon	Subscribe to Product
f5 nginx

TITLE: NGINX [ENGINE X] SERVER <= 0765 (STABLE)/0839 (DEVELOPMENT) SOURCE CODE DISCLOSURE/DOWNLOAD VULNERABILITY TESTED OS: WINDOWS XP SP3/ WINDOWS 7 HOME PREMIUM SEVERITY: HIGH IMPACT: READ/DOWNLOAD SOURCE CODE OF WEB APP FILES DISCOVERED DATE: 2010-06-04 FIXED DATE: 2010-06-07 FIXED VERSIONS: NGINX/0840 AND NGINX/0766 DISCOVERED BY: JO ...

Issue 1: (Remote Source Disclosure) - Description - nginx 0836 is a multi platform HTTP server This vulnerability exists in the latest Windows version of the application available nginx on Windows is vulnerable to a remote source disclosure attack - Technical Details - (Source Download) [ webserver IP][:port]indexhtml::$DATA I ...

CWE-200 http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html http://www.securityfocus.com/bid/40760 http://www.exploit-db.com/exploits/13818 http://www.exploit-db.com/exploits/13822 https://nvd.nist.gov https://www.exploit-db.com/exploits/13822/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2263

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect