Directory traversal vulnerability in nginx web server
A vulnerability in the WebDAV module of lean web server nginx (Engine X) allows attackers to save files outside the specified root path simply by adding characters such as "../" to the destination path in COPY or MOVE commands. For an attack to be successful, nginx must, however, have been compiled with the http_dav_module and the attacker must have permission to execute these commands.
According to Kingcope, who discovered the vulnerability, the bug could be significant on virtual hosts with multiple guests. The bug was discovered in version 0.7.61 and has been confirmed in the current version 0.7.62. No update is currently available.
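The containment check that the Destination path of a COPY or MOVE request needs, as an added Python example (not nginx's code and not taken from the advisory). The function names, the `/srv/dav/site-a` root and the sample requests are assumptions constructed for illustration.

```python
import posixpath
from urllib.parse import urlsplit, unquote

def resolve_destination(destination, dav_root):
    """Map a WebDAV Destination header to a path below dav_root.

    Returns the normalized filesystem path, or None when the destination
    would land outside dav_root. Symlinks are not resolved here.
    """
    # Destination may be an absolute URI or an absolute path; keep only the
    # path and percent-decode it once, so "%2e%2e" is treated like "..".
    path = unquote(urlsplit(destination).path)
    if "\x00" in path:
        return None
    root = posixpath.normpath(dav_root)
    # Collapse "." and ".." segments only after joining with the root, so
    # segments that climb above the root remain visible in the result.
    candidate = posixpath.normpath(posixpath.join(root, path.lstrip("/")))
    # Compare whole path components: a plain string prefix test would accept
    # a sibling directory such as "/srv/dav/site-a-backup".
    if posixpath.commonpath([root, candidate]) != root:
        return None
    return candidate

def rejected_requests(requests, dav_root):
    """Return the COPY/MOVE requests whose Destination leaves dav_root."""
    return [(method, dest) for method, dest in requests
            if method in ("COPY", "MOVE")
            and resolve_destination(dest, dav_root) is None]

# Constructed sample requests as (method, Destination header) pairs.
SAMPLE = [
    ("COPY", "http://dav.example/docs/report.txt"),
    ("MOVE", "/docs/../notes.txt"),
    ("COPY", "/../site-b/index.html"),
    ("MOVE", "/docs/%2e%2e/%2e%2e/site-b/index.html"),
    ("COPY", "/../site-a-backup/index.html"),
]

if __name__ == "__main__":
    for method, dest in rejected_requests(SAMPLE, "/srv/dav/site-a"):
        print("reject", method, dest)
```

A destination that contains "../" but still resolves inside the root, such as the second sample, is accepted; only destinations that end up outside the root are rejected.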
Nginx has been developed by programmer Igor Sysoev and, according to Netcraft's web server survey, is gaining in popularity. Due to its low resource requirements, speed and relatively good functionality, it's now used by a number of major sites. Nginx can also run as a reverse proxy or email proxy.
- nginx - low risk webdav destination bug, advisory from Kingcope.