VDB

GCVE-110-MAGEIA-2014-427

GCVE-110-MAGEIA-2014-427
Advisory Published
Vulnetix · Advisory published October 28, 2014
Updated nginx package fixes security vulnerability: Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was possible to reuse cached SSL sessions in unrelated contexts, allowing virtual host confusion attacks in some configurations by an attacker in a privileged network position (CVE-2014-3616).

Affected Products

VendorProductVersionsPlatforms
Mageianginx0 (affected), 1.2.9-1.3.mga3 (unaffected)
Mageianginx0 (affected), 1.4.7-1.1.mga4 (unaffected)
AWSconfig

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›