ID

VAR-201310-0633


CVE

CVE-2013-0337


TITLE

nginx vulnerability allowing sensitive information to be read under the default configuration

Trust: 0.8

sources: JVNDB: JVNDB-2013-004911

DESCRIPTION

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.

Nginx is prone to an insecure file-permission vulnerability. Such information could aid in other attacks.

nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server developed by Russian programmer Igor Sysoev. There is a security vulnerability in the default configuration of nginx 1.3.13 and earlier versions. The vulnerability stems from the fact that the program uses globally readable permissions for the access.log and error.log files.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                   Gentoo Linux Security Advisory           GLSA 201310-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                          http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: nginx: Multiple vulnerabilities
      Date: October 06, 2013
      Bugs: #458726, #468870
        ID: 201310-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in nginx, the worst of which
may allow execution of arbitrary code.

Background
==========

nginx is a robust, small, and high performance HTTP and reverse proxy
server.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  www-servers/nginx            < 1.4.1-r2              >= 1.4.1-r2

Description
===========

Multiple vulnerabilities have been discovered in nginx. Please review
the CVE identifiers referenced below for details.

Impact
======

A remote attacker could send a specially crafted request, possibly
resulting in execution of arbitrary code with the privileges of the
process, or a Denial of Service condition. Furthermore, a
context-dependent attacker may be able to obtain sensitive information.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All nginx users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-servers/nginx-1.4.1-r2"

References
==========

[ 1 ] CVE-2013-0337
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0337
[ 2 ] CVE-2013-2028
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2028
[ 3 ] CVE-2013-2070
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2070

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-201310-04.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.07

sources: NVD: CVE-2013-0337 // JVNDB: JVNDB-2013-004911 // BID: 58105 // VULHUB: VHN-60339 // PACKETSTORM: 123516

AFFECTED PRODUCTS

vendor        model          scope  version  Trust
------------  -------------  -----  -------  -----
f5            nginx          eq     1.0.4    1.0
f5            nginx          eq     1.1.19   1.0
f5            nginx          eq     1.1.8    1.0
f5            nginx          eq     1.3.0    1.0
f5            nginx          eq     1.3.3    1.0
f5            nginx          eq     1.3.8    1.0
f5            nginx          eq     1.0.8    1.0
f5            nginx          eq     1.3.10   1.0
f5            nginx          eq     1.0.14   1.0
f5            nginx          eq     1.0.2    1.0
f5            nginx          eq     1.3.12   1.0
f5            nginx          eq     1.3.4    1.0
f5            nginx          eq     1.1.2    1.0
f5            nginx          eq     1.3.1    1.0
f5            nginx          eq     1.0.12   1.0
f5            nginx          eq     1.1.12   1.0
f5            nginx          eq     1.1.3    1.0
f5            nginx          eq     1.1.11   1.0
f5            nginx          eq     1.1.5    1.0
f5            nginx          eq     1.0.13   1.0
f5            nginx          eq     1.1.16   1.0
f5            nginx          eq     1.1.9    1.0
f5            nginx          eq     1.1.14   1.0
f5            nginx          lte    1.3.13   1.0
f5            nginx          eq     1.3.2    1.0
f5            nginx          eq     1.0.5    1.0
f5            nginx          eq     1.1.1    1.0
f5            nginx          eq     1.3.5    1.0
f5            nginx          eq     1.1.13   1.0
f5            nginx          eq     1.3.7    1.0
f5            nginx          eq     1.3.11   1.0
f5            nginx          eq     1.1.4    1.0
f5            nginx          eq     1.1.17   1.0
f5            nginx          eq     1.1.0    1.0
f5            nginx          eq     1.0.15   1.0
f5            nginx          eq     1.0.10   1.0
f5            nginx          eq     1.0.7    1.0
f5            nginx          eq     1.0.11   1.0
f5            nginx          eq     1.1.7    1.0
f5            nginx          eq     1.3.6    1.0
f5            nginx          eq     1.0.3    1.0
f5            nginx          eq     1.0.6    1.0
f5            nginx          eq     1.2.0    1.0
f5            nginx          eq     1.1.18   1.0
f5            nginx          eq     1.3.9    1.0
f5            nginx          eq     1.0.0    1.0
f5            nginx          eq     1.1.6    1.0
f5            nginx          eq     1.1.10   1.0
f5            nginx          eq     1.0.1    1.0
f5            nginx          eq     1.0.9    1.0
f5            nginx          eq     1.1.15   1.0
igor sysoev   nginx          lte    1.3.13   0.8
igor sysoev   nginx          eq     1.1.14   0.6
igor sysoev   nginx          eq     1.0.0    0.6
igor sysoev   nginx          eq     1.0.12   0.6
igor sysoev   nginx          eq     1.0.15   0.6
igor sysoev   nginx          eq     1.0.11   0.6
igor sysoev   nginx          eq     1.0.13   0.6
igor sysoev   nginx          eq     1.0.10   0.6
igor sysoev   nginx          eq     1.1.11   0.6
igor sysoev   nginx          eq     1.0.1    0.6
igor sysoev   nginx          eq     1.1.10   0.6
igor          sysoev nginx   eq     0        0.3
gentoo        linux          -      -        0.3

sources: BID: 58105 // JVNDB: JVNDB-2013-004911 // CNNVD: CNNVD-201302-530 // NVD: CVE-2013-0337

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-0337
value: HIGH

Trust: 1.0

NVD: CVE-2013-0337
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201302-530
value: MEDIUM

Trust: 0.6

VULHUB: VHN-60339
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-0337
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-60339
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-60339 // JVNDB: JVNDB-2013-004911 // CNNVD: CNNVD-201302-530 // NVD: CVE-2013-0337

PROBLEMTYPE DATA

problemtype: CWE-264

Trust: 1.9

sources: VULHUB: VHN-60339 // JVNDB: JVNDB-2013-004911 // NVD: CVE-2013-0337

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201302-530

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201302-530

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-004911

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-60339

PATCH

title: GLSA 201310-04
url: http://www.gentoo.org/security/en/glsa/glsa-201310-04.xml

Trust: 0.8

title: Top Page
url: http://nginx.org/ja/

Trust: 0.8

title: Fix for the Nginx 'access.log' insecure file permissions vulnerability
url: http://123.124.177.30/web/xxk/bdxqById.tag?id=90786

Trust: 0.6

sources: JVNDB: JVNDB-2013-004911 // CNNVD: CNNVD-201302-530

EXTERNAL IDS

db           id                              Trust
-----------  ------------------------------  -----
NVD          CVE-2013-0337                   2.9
SECUNIA      55181                           2.5
OPENWALL     OSS-SECURITY/2013/02/24/1       1.7
OPENWALL     OSS-SECURITY/2013/02/21/15      1.7
OPENWALL     OSS-SECURITY/2013/02/22/1       1.7
JVNDB        JVNDB-2013-004911               0.8
CNNVD        CNNVD-201302-530                0.7
AUSCERT      ESB-2020.1717                   0.6
BID          58105                           0.4
PACKETSTORM  123516                          0.2
VULHUB       VHN-60339                       0.1

sources: VULHUB: VHN-60339 // BID: 58105 // JVNDB: JVNDB-2013-004911 // PACKETSTORM: 123516 // CNNVD: CNNVD-201302-530 // NVD: CVE-2013-0337

REFERENCES

url: http://secunia.com/advisories/55181

Trust: 2.5

url: http://security.gentoo.org/glsa/glsa-201310-04.xml

Trust: 1.8

url: http://www.openwall.com/lists/oss-security/2013/02/22/1

Trust: 1.7

url: http://www.openwall.com/lists/oss-security/2013/02/21/15

Trust: 1.7

url: http://www.openwall.com/lists/oss-security/2013/02/24/1

Trust: 1.7

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0337

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0337

Trust: 0.8

url: https://www.auscert.org.au/bulletins/esb-2020.1717/

Trust: 0.6

url: http://seclists.org/oss-sec/2013/q1/389

Trust: 0.3

url: http://nginx.org/

Trust: 0.3

url: http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url: https://bugs.gentoo.org

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2013-2070

Trust: 0.1

url: http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0337

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2013-0337

Trust: 0.1

url: http://security.gentoo.org/

Trust: 0.1

url: http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2028

Trust: 0.1

url: http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2070

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2013-2028

Trust: 0.1

sources: VULHUB: VHN-60339 // BID: 58105 // JVNDB: JVNDB-2013-004911 // PACKETSTORM: 123516 // CNNVD: CNNVD-201302-530 // NVD: CVE-2013-0337

CREDITS

Agostino Sarubbo

Trust: 0.9

sources: BID: 58105 // CNNVD: CNNVD-201302-530

SOURCES

db: VULHUB       id: VHN-60339
db: BID          id: 58105
db: JVNDB        id: JVNDB-2013-004911
db: PACKETSTORM  id: 123516
db: CNNVD        id: CNNVD-201302-530
db: NVD          id: CVE-2013-0337

LAST UPDATE DATE

2024-08-14T13:00:43.419000+00:00


SOURCES UPDATE DATE

db: VULHUB       id: VHN-60339          date: 2021-11-10T00:00:00
db: BID          id: 58105              date: 2015-04-13T22:05:00
db: JVNDB        id: JVNDB-2013-004911  date: 2013-10-29T00:00:00
db: CNNVD        id: CNNVD-201302-530   date: 2023-05-15T00:00:00
db: NVD          id: CVE-2013-0337      date: 2021-11-10T15:57:02.123

SOURCES RELEASE DATE

db: VULHUB       id: VHN-60339          date: 2013-10-27T00:00:00
db: BID          id: 58105              date: 2013-02-21T00:00:00
db: JVNDB        id: JVNDB-2013-004911  date: 2013-10-29T00:00:00
db: PACKETSTORM  id: 123516             date: 2013-10-07T22:29:42
db: CNNVD        id: CNNVD-201302-530   date: 2013-02-26T00:00:00
db: NVD          id: CVE-2013-0337      date: 2013-10-27T00:55:03.713