nginx remote exploit?

Cliff Wells cliff at
Fri Jun 4 21:32:22 MSD 2010

On Sat, 2010-06-05 at 00:26 +0700, Edho P Arief wrote:
> >
> I believe something related to the recent php pathinfo things

I believe he is referring to *old* exploits (hence the title mentioning
"dinosaurs").   The posting is specifically referring to stuff people
never got around to and he says "works even when you don't expect it to"
about the Nginx exploit.

My feeling is that if you are running an up-to-date version of Nginx
then whatever exploit he is referring to will not affect you.



More information about the nginx mailing list