18 year old critical vulnerability found in Nginx

eejcho about 4 hours ago 2 commentsRead Article on twitter.com

ZH version is available. Content is displayed in original English for accuracy.

Discussion (2 Comments)Read Original on HackerNews

ktpsns•about 3 hours ago

Severe, but you also need to use quite specific configuration to be vulnerable. I can imagine this pattern to be widespread in some classical PHP applications deployed via nginx.

ChrisArchitect•about 1 hour ago

better links:

https://depthfirst.com/research/nginx-rift-achieving-nginx-r... (https://news.ycombinator.com/item?id=48126029)

https://depthfirst.com/nginx-rift (https://news.ycombinator.com/item?id=48123365)