Candidate: CVE-2009-2629
PublicDate: 2009-09-15 22:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629
Description:
 Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through
 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15
 allows remote attackers to execute arbitrary code via crafted HTTP
 requests.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/430064
Priority: high
Discovered-by:
Assigned-to:
CVSS: 

Patches_nginx:
 vendor: http://www.debian.org/security/2009/dsa-1884
upstream_nginx: released (0.6.39)
dapper_nginx: DNE
hardy_nginx: released (0.5.33-1ubuntu0.1)
intrepid_nginx: released (0.6.32-3ubuntu1.1)
jaunty_nginx: released (0.6.35-0ubuntu1.1)
devel_nginx: not-affected (0.7.61-1ubuntu2)