|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-06-17 | |
| Rule Name: | Nginx Resolver Off-by-One Memory Corruption Vulnerability (CVE-2021-23017) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. This rule detects malformed traffic towards Nginx DNS resolver. If Nginx is not used, it may cause false positives, then turn off this rule globally. | |
| Impact: | An attacker can execute arbitrary code in the context of the vulnerable system. Failed exploit may cause denial-of-service attack. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html https://lists.apache.org/thread.html/r37e6b2165f7c910d8e15fd54f4697857619ad2625f56583802004009@%3Cnotifications.apisix.apache.org%3E https://lists.apache.org/thread.html/r4d4966221ca399ce948ef34884652265729d7d9ef8179c78d7f17e7f@%3Cnotifications.apisix.apache.org%3E https://lists.apache.org/thread.html/r6fc5c57b38e93e36213e9a18c8a4e5dbd5ced1c7e57f08a1735975ba@%3Cnotifications.apisix.apache.org%3E |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: https://www.nginx.com/blog/updating-nginx-dns-resolver-vulnerability-cve-2021-23017/ |