Nginx updated and immediately planted a new problem for system administrators.
Nginx announced a new vulnerability that allows you to remotely execute code in a fresh release of 1.31.0. According to NebuSec, their protective agent Vega discovered the problem shortly after the developers closed another vulnerability known as nginx-rift.
The new problem is called nginx-poolslip. The company calls it a zero-day vulnerability and claims that it affects the latest version of nginx at the time of the release of the message.
Detailed technical analysis of NebuSec promises to unlock 30 days after the release of the correction. The analysis will include a way to bypass the ASLR, which complicates attacks through vulnerabilities. Until the company discloses the details to prevent the attackers from reading the instructions before the administrators establish the corrections.
Nginx announced a new vulnerability that allows you to remotely execute code in a fresh release of 1.31.0. According to NebuSec, their protective agent Vega discovered the problem shortly after the developers closed another vulnerability known as nginx-rift.
The new problem is called nginx-poolslip. The company calls it a zero-day vulnerability and claims that it affects the latest version of nginx at the time of the release of the message.
Detailed technical analysis of NebuSec promises to unlock 30 days after the release of the correction. The analysis will include a way to bypass the ASLR, which complicates attacks through vulnerabilities. Until the company discloses the details to prevent the attackers from reading the instructions before the administrators establish the corrections.
