38 points | by ejcho 20 hours ago ago
3 comments
Severe, but you also need to use quite specific configuration to be vulnerable. I can imagine this pattern to be widespread in some classical PHP applications deployed via nginx.
[dead]
better links:
https://depthfirst.com/research/nginx-rift-achieving-nginx-r... (https://news.ycombinator.com/item?id=48126029)
https://depthfirst.com/nginx-rift (https://news.ycombinator.com/item?id=48123365)
Severe, but you also need to use quite specific configuration to be vulnerable. I can imagine this pattern to be widespread in some classical PHP applications deployed via nginx.
[dead]
better links:
https://depthfirst.com/research/nginx-rift-achieving-nginx-r... (https://news.ycombinator.com/item?id=48126029)
https://depthfirst.com/nginx-rift (https://news.ycombinator.com/item?id=48123365)