Candidate: CVE-2013-4547
PublicDate: 2013-11-23 18:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547
 http://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html
Description:
 nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers
 to bypass intended restrictions via an unescaped space character in a URI.
Ubuntu-Description: 
Notes: 
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1253691
Priority: medium
Discovered-by: Ivan Fratric
Assigned-to: 
CVSS: 

Patches_nginx:
 upstream: http://nginx.org/download/patch.2013.space.txt
upstream_nginx: released (1.4.4, 1.5.7)
lucid_nginx: ignored (reached end-of-life)
precise_nginx: released (1.1.19-1ubuntu0.5)
quantal_nginx: released (1.2.1-2.2ubuntu0.2)
raring_nginx: released (1.2.6-1ubuntu3.3)
saucy_nginx: released (1.4.1-3ubuntu1.1)
devel_nginx: not-affected (1.4.4-1ubuntu1)