ID

VAR-201811-0987


CVE

CVE-2018-16845


TITLE

nginx Information Disclosure Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-014189

DESCRIPTION

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module. nginx Contains an information disclosure vulnerability.Information obtained and denial of service (DoS) May be in a state. nginx is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions. Versions prior to nginx 1.15.6 and 1.14.1 are vulnerable. nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server developed by Russian programmer Igor Sysoev. The vulnerability is caused by the program not processing MP4 files correctly. For the stable distribution (stretch), these problems have been fixed in version 1.10.3-1+deb9u2. We recommend that you upgrade your nginx packages. ========================================================================== Ubuntu Security Notice USN-3812-1 November 07, 2018 nginx vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in nginx. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled the HTTP/2 implementation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16843) Gal Goldshtein discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive CPU usage, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16844) It was discovered that nginx incorrectly handled the ngx_http_mp4_module module. (CVE-2018-16845) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: nginx-common 1.15.5-0ubuntu2.1 nginx-core 1.15.5-0ubuntu2.1 nginx-extras 1.15.5-0ubuntu2.1 nginx-full 1.15.5-0ubuntu2.1 nginx-light 1.15.5-0ubuntu2.1 Ubuntu 18.04 LTS: nginx-common 1.14.0-0ubuntu1.2 nginx-core 1.14.0-0ubuntu1.2 nginx-extras 1.14.0-0ubuntu1.2 nginx-full 1.14.0-0ubuntu1.2 nginx-light 1.14.0-0ubuntu1.2 Ubuntu 16.04 LTS: nginx-common 1.10.3-0ubuntu0.16.04.3 nginx-core 1.10.3-0ubuntu0.16.04.3 nginx-extras 1.10.3-0ubuntu0.16.04.3 nginx-full 1.10.3-0ubuntu0.16.04.3 nginx-light 1.10.3-0ubuntu0.16.04.3 Ubuntu 14.04 LTS: nginx-common 1.4.6-1ubuntu3.9 nginx-core 1.4.6-1ubuntu3.9 nginx-extras 1.4.6-1ubuntu3.9 nginx-full 1.4.6-1ubuntu3.9 nginx-light 1.4.6-1ubuntu3.9 In general, a standard system update will make all the necessary changes. The following packages have been upgraded to a later upstream version: rh-nginx114-nginx (1.14.1). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: rh-nginx110-nginx security update Advisory ID: RHSA-2018:3653-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:3653 Issue date: 2018-11-26 CVE Names: CVE-2018-16843 CVE-2018-16845 ===================================================================== 1. Summary: An update for rh-nginx110-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): * nginx: Denial of service and memory disclosure via mp4 module (CVE-2018-16845) * nginx: Excessive memory consumption via flaw in HTTP/2 implementation (CVE-2018-16843) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Nginx project for reporting these issues. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The rh-nginx110-nginx service must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1644508 - CVE-2018-16845 nginx: Denial of service and memory disclosure via mp4 module 1644511 - CVE-2018-16843 nginx: Excessive memory consumption via flaw in HTTP/2 implementation 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-nginx110-nginx-1.10.2-8.el6.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-nginx110-nginx-1.10.2-8.el6.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-16843 https://access.redhat.com/security/cve/CVE-2018-16845 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW/vmotzjgjWX9erEAQgLFQ//c0AzsoAslgezACNt/7IQuf7IJy0o3ZJS RivGOSPey3gjDQDioSB5LYv5W89fmX5lQ8NsSmx/K+soAPpsz2OmwkFrJ3Mu9D/U DvE5WxP0TQcJOizA9k6huKhwtLYLmkMrnRmZUIJ/E6BiLVZbAP8/1CnoryK+JBum Ml1oFeOZUgwz2x0pvBPVPqGsRBFK3cE1SRxnSHgvwchMxYKSTwrHMARYFUavOrmZ VVRbL8xIiCPCEl7/OPKO3QD4M2vXhMHRwaquZJS/A6+Vls53qGAjJ9q3iLE+sEl5 Lb3B3AkbOtURmmoKOb8wdWlo9YRHckG+4mLXonNCIUteSZDWukns8gKti+AcSyOs gZ4e+IXDahfnP1+Lg9StFthKexpGGwp/ASBi0OZ8ZmyA6IVQzGyXW7nADlrdolKj 9q2zXQMPVFEtYu7tvDb/eJZq+ch/fkjIywps6+lQKRTkRSkT7SzUuopRj4z0eWt7 hy7/WXdf9+55sR6VM2XTQi5Oj4xjJkzmrFuYc2tG9oLSc2M+11ouuY/DgaMGnilE HVFQ5L9OjV7fV3yPbxFIA2avu4BuCR2xwggQ0fNihAtcqmCiYSESfIsCvHcM+V4P AQIcEgyuW0KOPH7ygRcBFbniri+sYRAk96jRpZtccmCjw45DUZcFdeHWJheWcZNc chCvd465nBo= =EyM5 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-20-4 Xcode 13 Xcode 13 addresses the following issues. IDE Xcode Server Available for: macOS Big Sur 11.3 and later Impact: Multiple issues in nginx Description: Multiple issues were addressed by updating nginx to version 1.21.0. CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2017-7529 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 Installation note: Xcode 13 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "Xcode 13"

Trust: 2.52

sources: NVD: CVE-2018-16845 // JVNDB: JVNDB-2018-014189 // BID: 105868 // VULHUB: VHN-127245 // VULMON: CVE-2018-16845 // PACKETSTORM: 150253 // PACKETSTORM: 150214 // PACKETSTORM: 150481 // PACKETSTORM: 150458 // PACKETSTORM: 164240

AFFECTED PRODUCTS

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:f5model:nginxscope:gteversion:1.0.7

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:f5model:nginxscope:lteversion:1.15.5

Trust: 1.0

vendor:applemodel:xcodescope:ltversion:13.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.10

Trust: 1.0

vendor:f5model:nginxscope:lteversion:1.0.15

Trust: 1.0

vendor:f5model:nginxscope:gteversion:1.1.3

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:canonicalmodel:ubuntuscope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:igor sysoevmodel:nginxscope:ltversion:1.14.1

Trust: 0.8

vendor:igor sysoevmodel:nginxscope:ltversion:1.15.6

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope: - version: -

Trust: 0.8

vendor:ubuntumodel:linuxscope:eqversion:18.10

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:18.04

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:16.04

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:14.04

Trust: 0.3

vendor:redhatmodel:software collections for rhelscope:eqversion:0

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.15.5

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.14

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.13.3

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.12.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.12

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.11.12

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.11.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.11

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.10.3

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.10.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.10

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.9.15

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.9.10

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.9.9

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.9.5

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.9

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.8.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.8

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.7.12

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.7

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.6.3

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.13

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.4.7

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.16

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.15

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.14

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.11

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.2.9

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.18

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.17

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.6.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.6.0

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.9

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.8

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.7

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.6

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.5

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.4

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.3

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.2

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.12

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.11

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.10

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.5.0

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.4.3

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.4.2

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.4.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.4.0

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.9

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.8

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.7

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.6

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.5

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.4

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.3

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.2

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.13

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.12

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.10

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.3.0

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.2.0

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.9

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.8

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.7

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.6

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.5

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.4

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.3

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.2

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.19

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.16

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.15

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.14

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.13

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.12

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.11

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.10

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.1

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.1.0

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.0.9

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.0.8

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.0.7

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.0.15

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.0.14

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.0.13

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.0.12

Trust: 0.3

vendor:nginxmodel:nginxscope:eqversion:1.0.10

Trust: 0.3

vendor:nginxmodel:nginxscope:neversion:1.15.6

Trust: 0.3

vendor:nginxmodel:nginxscope:neversion:1.14.1

Trust: 0.3

sources: BID: 105868 // JVNDB: JVNDB-2018-014189 // NVD: CVE-2018-16845

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-16845
value: MEDIUM

Trust: 1.0

secalert@redhat.com: CVE-2018-16845
value: HIGH

Trust: 1.0

NVD: CVE-2018-16845
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201811-119
value: MEDIUM

Trust: 0.6

VULHUB: VHN-127245
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-16845
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-16845
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-127245
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-16845
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 4.2
version: 3.1

Trust: 1.0

secalert@redhat.com: CVE-2018-16845
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.0

Trust: 1.0

NVD: CVE-2018-16845
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-127245 // VULMON: CVE-2018-16845 // JVNDB: JVNDB-2018-014189 // CNNVD: CNNVD-201811-119 // NVD: CVE-2018-16845 // NVD: CVE-2018-16845

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.1

problemtype:CWE-835

Trust: 1.1

problemtype:CWE-200

Trust: 0.9

sources: VULHUB: VHN-127245 // JVNDB: JVNDB-2018-014189 // NVD: CVE-2018-16845

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201811-119

TYPE

memory leak

Trust: 0.6

sources: CNNVD: CNNVD-201811-119

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014189

PATCH

title:[SECURITY] [DLA 1572-1] nginx security updateurl:https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html

Trust: 0.8

title:DSA-4335url:https://www.debian.org/security/2018/dsa-4335

Trust: 0.8

title:Bug 1644508url:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845

Trust: 0.8

title:RHSA-2018:3652url:https://access.redhat.com/errata/RHSA-2018:3652

Trust: 0.8

title:RHSA-2018:3653url:https://access.redhat.com/errata/RHSA-2018:3653

Trust: 0.8

title:RHSA-2018:3680url:https://access.redhat.com/errata/RHSA-2018:3680

Trust: 0.8

title:RHSA-2018:3681url:https://access.redhat.com/errata/RHSA-2018:3681

Trust: 0.8

title:USN-3812-1url:https://usn.ubuntu.com/3812-1/

Trust: 0.8

title:(CVE-2018-16845)url:http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html

Trust: 0.8

title:Nginx Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=86626

Trust: 0.6

title:Red Hat: Important: rh-nginx18-nginx security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183652 - Security Advisory

Trust: 0.1

title:Red Hat: Important: rh-nginx110-nginx security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183653 - Security Advisory

Trust: 0.1

title:Red Hat: Important: rh-nginx112-nginx security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183680 - Security Advisory

Trust: 0.1

title:Red Hat: Important: rh-nginx114-nginx security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183681 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: nginx vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3812-1

Trust: 0.1

title:Red Hat: CVE-2018-16845url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-16845

Trust: 0.1

title:Debian CVElist Bug Report Logs: nginx: CVE-2018-16843 CVE-2018-16844 CVE-2018-16845url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=f21dcb5d073b4fb671c738fa256c2347

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal’s dependencies – Cumulative list from June 28, 2018 to December 13, 2018url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=43da2cd72c1e378d8d94ecec029fcc61

Trust: 0.1

title:CVE-2018-16845url:https://github.com/T4t4ru/CVE-2018-16845

Trust: 0.1

title:anitazhaochen.github.iourl:https://github.com/anitazhaochen/anitazhaochen.github.io

Trust: 0.1

sources: VULMON: CVE-2018-16845 // JVNDB: JVNDB-2018-014189 // CNNVD: CNNVD-201811-119

EXTERNAL IDS

db:NVDid:CVE-2018-16845

Trust: 3.4

db:BIDid:105868

Trust: 2.0

db:SECTRACKid:1042039

Trust: 1.7

db:JVNDBid:JVNDB-2018-014189

Trust: 0.8

db:CNNVDid:CNNVD-201811-119

Trust: 0.7

db:PACKETSTORMid:164240

Trust: 0.7

db:AUSCERTid:ESB-2019.3384

Trust: 0.6

db:AUSCERTid:ESB-2021.3157

Trust: 0.6

db:AUSCERTid:ESB-2020.0464

Trust: 0.6

db:AUSCERTid:ESB-2019.0451

Trust: 0.6

db:CS-HELPid:SB2022042571

Trust: 0.6

db:PACKETSTORMid:150453

Trust: 0.1

db:VULHUBid:VHN-127245

Trust: 0.1

db:VULMONid:CVE-2018-16845

Trust: 0.1

db:PACKETSTORMid:150253

Trust: 0.1

db:PACKETSTORMid:150214

Trust: 0.1

db:PACKETSTORMid:150481

Trust: 0.1

db:PACKETSTORMid:150458

Trust: 0.1

sources: VULHUB: VHN-127245 // VULMON: CVE-2018-16845 // BID: 105868 // JVNDB: JVNDB-2018-014189 // PACKETSTORM: 150253 // PACKETSTORM: 150214 // PACKETSTORM: 150481 // PACKETSTORM: 150458 // PACKETSTORM: 164240 // CNNVD: CNNVD-201811-119 // NVD: CVE-2018-16845

REFERENCES

url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2018-16845

Trust: 2.0

url:http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html

Trust: 2.0

url:https://usn.ubuntu.com/3812-1/

Trust: 2.0

url:https://access.redhat.com/errata/rhsa-2018:3653

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2018:3681

Trust: 1.8

url:http://www.securityfocus.com/bid/105868

Trust: 1.7

url:https://support.apple.com/kb/ht212818

Trust: 1.7

url:https://www.debian.org/security/2018/dsa-4335

Trust: 1.7

url:http://seclists.org/fulldisclosure/2021/sep/36

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2018:3652

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2018:3680

Trust: 1.7

url:http://www.securitytracker.com/id/1042039

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-16845

Trust: 1.3

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16845

Trust: 0.8

url:https://www.ibm.com/support/pages/node/1489143

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192309-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0464/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3384/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/75522

Trust: 0.6

url:https://support.apple.com/en-us/ht212818

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3157

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022042571

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-aspera-web-shares-application-is-affected-by-nginx-vulnerabilities-cve-2018-16845-cve-2018-16843-cve-2019-7401/

Trust: 0.6

url:https://packetstormsecurity.com/files/164240/apple-security-advisory-2021-09-20-4.html

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2018-16843

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2018-16845

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-16843

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2018-16844

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2018-16844

Trust: 0.4

url:http://nginx.org/

Trust: 0.3

url:http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2018-16844

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2018-16843

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://bugzilla.redhat.com/):

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://security-tracker.debian.org/tracker/nginx

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nginx/1.14.0-0ubuntu1.2

Trust: 0.1

url:https://usn.ubuntu.com/usn/usn-3812-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nginx/1.4.6-1ubuntu3.9

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nginx/1.15.5-0ubuntu2.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nginx/1.10.3-0ubuntu0.16.04.3

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20372

Trust: 0.1

url:https://support.apple.com/kb/ht201222

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://developer.apple.com/xcode/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0746

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0747

Trust: 0.1

url:https://support.apple.com/ht212818.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0742

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7529

Trust: 0.1

sources: VULHUB: VHN-127245 // BID: 105868 // JVNDB: JVNDB-2018-014189 // PACKETSTORM: 150253 // PACKETSTORM: 150214 // PACKETSTORM: 150481 // PACKETSTORM: 150458 // PACKETSTORM: 164240 // CNNVD: CNNVD-201811-119 // NVD: CVE-2018-16845

CREDITS

Gal Goldshtein from F5 Networks, and Maxim Konovalov (Nginx)

Trust: 0.3

sources: BID: 105868

SOURCES

db:VULHUBid:VHN-127245
db:VULMONid:CVE-2018-16845
db:BIDid:105868
db:JVNDBid:JVNDB-2018-014189
db:PACKETSTORMid:150253
db:PACKETSTORMid:150214
db:PACKETSTORMid:150481
db:PACKETSTORMid:150458
db:PACKETSTORMid:164240
db:CNNVDid:CNNVD-201811-119
db:NVDid:CVE-2018-16845

LAST UPDATE DATE

2024-11-07T19:47:47.514000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-127245date:2021-11-10T00:00:00
db:VULMONid:CVE-2018-16845date:2022-02-22T00:00:00
db:BIDid:105868date:2018-11-06T00:00:00
db:JVNDBid:JVNDB-2018-014189date:2019-03-14T00:00:00
db:CNNVDid:CNNVD-201811-119date:2023-05-15T00:00:00
db:NVDid:CVE-2018-16845date:2022-02-22T19:27:12.373

SOURCES RELEASE DATE

db:VULHUBid:VHN-127245date:2018-11-07T00:00:00
db:VULMONid:CVE-2018-16845date:2018-11-07T00:00:00
db:BIDid:105868date:2018-11-06T00:00:00
db:JVNDBid:JVNDB-2018-014189date:2019-03-14T00:00:00
db:PACKETSTORMid:150253date:2018-11-12T16:57:53
db:PACKETSTORMid:150214date:2018-11-07T17:35:27
db:PACKETSTORMid:150481date:2018-11-27T17:24:48
db:PACKETSTORMid:150458date:2018-11-26T10:02:22
db:PACKETSTORMid:164240date:2021-09-22T16:28:58
db:CNNVDid:CNNVD-201811-119date:2018-11-07T00:00:00
db:NVDid:CVE-2018-16845date:2018-11-07T14:29:00.883