Lucene search
ShovellerH1:145409HistoryJun 17, 2016 - 2:10 p.m.
Nextcloud: help.nextcloud.com: Known DoS condition (null pointer deref) in Nginx running
2016-06-1714:10:20
shoveller
hackerone.com
41
EPSS
0.044
Percentile
92.5%
The https://help.nextcloud.com sub-site is running Nginx/1.10.0 which is vuln to a known issue (CVE-2016-4450) which allows a remote malformed HTTP request to cause the Nginx process to crash.
DoS testing is mentioned as not requested, but if you know of an issue give it a go …
You can determine the version running by requesting the IP of the site and getting the HTTP 301, eg: https://88.198.160.135
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0216)
2022-01-28 00:00:00
Fedora Update for nginx FEDORA-2016-ea323bd6cf
2016-06-08 00:00:00
Fedora Update for nginx FEDORA-2016-c329fc4c32
2016-06-19 00:00:00
archlinux
archlinux
nginx-mainline: denial of service
2016-06-01 00:00:00
nginx: denial of service
2016-06-01 00:00:00
cve
cve
CVE-2016-4450
2016-06-07 14:06:14
nessus
nessus
Fedora 24 : 1:nginx (2016-c329fc4c32)
2016-07-14 00:00:00
nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability
2018-10-16 00:00:00
f5
f5
SOL08250500 - Nginx vulnerability CVE-2016-4450
2016-10-03 00:00:00
K08250500 : Nginx vulnerability CVE-2016-4450
2016-10-03 00:00:00
ubuntu
ubuntu
nginx vulnerability
2016-06-02 00:00:00
arista
arista
Security Advisory 0021
2016-06-13 00:00:00
cloudfoundry
cloudfoundry
USN-2991-1 nginx vulnerability | Cloud Foundry
2016-06-13 00:00:00
CVE-2016-4450 Nginx Vulnerabilities | Cloud Foundry
2016-07-13 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: nginx-1.10.1-1.fc24
2016-06-18 19:48:54
[SECURITY] Fedora 23 Update: nginx-1.8.1-3.fc23
2016-06-07 01:27:24
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:35:16
cvelist
cvelist
CVE-2016-4450
2016-06-07 14:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package nginx version 1.10.1-alt1
2016-06-01 00:00:00
freebsd
freebsd
nginx -- a specially crafted request might result in worker process crash
2016-05-31 00:00:00
ubuntucve
ubuntucve
CVE-2016-4450
2016-05-31 00:00:00
redhatcve
redhatcve
CVE-2016-4450
2016-06-01 06:48:27
debiancve
debiancve
CVE-2016-4450
2016-06-07 14:06:14
ibm
ibm
amazon
amazon
Medium: nginx
2016-06-15 13:30:00
debian
debian
[SECURITY] [DSA 3592-1] nginx security update
2016-06-01 18:31:10
mageia
mageia
Updated nginx packages fix CVE-2016-4450
2016-06-03 00:40:03
prion
prion
Null pointer dereference
2016-06-07 14:06:00
nvd
nvd
CVE-2016-4450
2016-06-07 14:06:14
nginx
nginx
NULL pointer dereference while writing client request body
2016-06-07 14:06:14
redhat
redhat
(RHSA-2016:1425) Moderate: rh-nginx18-nginx security update
2016-07-14 04:53:33
gentoo
gentoo
nginx: Multiple vulnerabilities
2016-06-17 00:00:00
photon
photon