Hosted on MSN

An 18-year-old heap buffer overflow in NGINX gives attackers remote code execution — billions of devices run the affected module

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated attacker full remote code execution on the underlying server. The vulnerability, ...
IT News For Australia Business

F5 patches 18-year-old AI-found 'Rift' vulnerability in NGINX web server

F5, the company supporting the world's most popular web server NGINX, has issued patches for a critical memory corruption bug causing a heap buffer overflow, that could potentially be abused for ...