Re: nginx security advisory (CVE-2013-4547)

yzprofile yzprofiles at gmail.com
Thu Nov 21 09:15:58 UTC 2013


Hi,  

I have a question about this POC:

> location /protected/ {
> deny all;
> }
>  
> location ~ \.php$ {
> fastcgi_pass ...
> }


These locations have different priorities: http://nginx.org/en/docs/http/ngx_http_core_module.html#location

I think every request like “/protected/hello.php” can bypass this security restriction like “location /protected {deny all;}”.

Is there something wrong with this POC description, or is there something I misunderstand? Thanks.

Regards.

yzprofile
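
The location-priority rule referenced in the message above, as a simplified model of the selection order in the linked nginx documentation. This is an added example, not code from the original post or from nginx; the function name `select_location`, the `(modifier, pattern)` tuple layout and the sample URIs are assumptions made for illustration, and Python's `re` stands in for nginx's PCRE matching on an already-normalized URI.

```python
import re

def select_location(locations, uri):
    """Return the (modifier, pattern) pair chosen for uri, or None.

    Order modelled: exact "=" match wins; otherwise the longest matching
    prefix is remembered; if that prefix carries "^~" regexes are skipped;
    otherwise regexes are tried in config order and the first match wins;
    if no regex matches, the remembered prefix is used.
    """
    best = None  # longest matching prefix location seen so far
    for modifier, pattern in locations:
        if modifier == "=" and uri == pattern:
            return (modifier, pattern)
        if modifier in ("", "^~") and uri.startswith(pattern):
            if best is None or len(pattern) > len(best[1]):
                best = (modifier, pattern)
    if best is not None and best[0] == "^~":
        return best  # "^~" tells nginx not to check regex locations
    for modifier, pattern in locations:
        if modifier in ("~", "~*"):
            flags = re.IGNORECASE if modifier == "~*" else 0
            if re.search(pattern, uri, flags):
                return (modifier, pattern)
    return best

# Constructed model of the configuration quoted in the message.
QUOTED = [("", "/protected/"), ("~", r"\.php$")]
# Same configuration with "^~" on the prefix location, so the deny rule
# is kept even when a regex location would also match.
HARDENED = [("^~", "/protected/"), ("~", r"\.php$")]

if __name__ == "__main__":
    for name, conf in (("quoted", QUOTED), ("hardened", HARDENED)):
        for uri in ("/protected/hello.php", "/protected/hello.txt", "/index.php"):
            print(name, uri, "->", select_location(conf, uri))
```
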

