Nginx is very nice web server with flexilble configuration options and secure-enough defaults.
But, sometimes administrators can make mistakes cooking it.
Case 1: try_files
Nginx has a nice feature try_files which "checks the existence of files in the
specified order and uses the first found file for request processing ...",
Volema found remotely exploitable buffer overflow vulnerability in libcurl POP3, SMTP protocol handlers which lead to code execution (RCE).
When negotiating SASL DIGEST-MD5 authentication, the function Curl_sasl_create_digest_md5_message() uses the data provided from the server
without doing the proper length checks and that data is then appended to a local fixed-size ...
Hashdos attack on scripting languages was introduced first time at 28C3 conference . It targets the performance bottleneck in keeping large hash tables made of request parameters.
The main way to protect from this attack is to limit the number of request parameters. In PHP it is done through the ...