Novell Home

CVE-2013-4547

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-4547 at MITRE

Description

nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 851295

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Lifecycle Management Server 1.3
SUSE Studio Onsite 1.3
WebYaST 1.3
  • nginx-1.0 >= 1.0.15-0.8.1
Builds
SAT Patch Nr: 8600

List of products where fixes are in QA

SUSE Studio Onsite 1.2 [Appliance - Studio]
SUSE Studio Standard Edition 1.2
WebYaST 1.2

© 2014 Novell