Vulnerability Name:

CVE-2016-4450 (CCN-113746)

Assigned: 2016-05-31
Published: 2016-05-31
Updated: 2021-11-10
Summary: os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-476
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2016-4450

Source: CCN
Type: nginx Mailing List, Tue May 31 16:42:50 UTC 2016
nginx security advisory (CVE-2016-4450)

Source: MLIST
Type: Vendor Advisory
[nginx-announce] 20160531 nginx security advisory (CVE-2016-4450)

Source: CCN
Type: nginx Web site
nginx news

Source: CCN
Type: RHSA-2016-1425
Moderate: rh-nginx18-nginx security update

Source: CCN
Type: SECTRACK ID: 1036019
nginx Null Pointer Dereference in ngx_chain_to_iovec() Lets Remote Users Deny Service

Source: DEBIAN
Type: Third Party Advisory
DSA-3592

Source: CCN
Type: IBM Security Bulletin T1024237 (PowerKVM)
Vulnerabilities in nginx affect PowerKVM

Source: CCN
Type: IBM Security Bulletin 1994168 (StoredIQ)
Vulnerability in nginx affects IBM StoredIQ (CVE-2016-4450)

Source: CCN
Type: IBM Security Bulletin C1000165 (SmartCloud Provisioning)
IBM SmartCloud Provisioning security vulnerability has been identified in nginx (CVE-2016-4450)

Source: BID
Type: Third Party Advisory, VDB Entry
90967

Source: CCN
Type: BID-90967
nginx CVE-2016-4450 Denial of Service Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1036019

Source: UBUNTU
Type: Third Party Advisory
USN-2991-1

Source: REDHAT
Type: Third Party Advisory
RHSA-2016:1425

Source: XF
Type: UNKNOWN
nginx-cve20164450-dos(113746)

Source: GENTOO
Type: Third Party Advisory
GLSA-201606-06

Source: CCN
Type: IBM Security Bulletin Aspera229846687 (Aspera Shares)
Multiple vulnerabilities with the Nginx web server used in IBM Aspera Shares 1.9.2 and earlier

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-4450

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

Configuration 2:
  • cpe:/a:f5:nginx:*:*:*:*:*:*:*:* (Version >= 1.3.9 and < 1.10.1)
  • OR cpe:/a:f5:nginx:1.11.0:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:ibm:smartcloud_provisioning:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerkvm:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.5:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:608 | P | Security update for clone-master-clean-up (Moderate) (in QA) | 2022-09-26
oval:org.opensuse.security:def:20164450 | V | CVE-2016-4450 | 2022-09-02
oval:org.opensuse.security:def:3508 | P | gpg2-2.0.24-9.8.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:95138 | P | nginx-1.21.5-150400.1.8 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:1527 | P | Security update for containerd, docker and runc (Important) (in QA) | 2022-06-14
oval:org.opensuse.security:def:94230 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:1059 | P | Security update for libexif (Important) | 2022-04-11
oval:org.opensuse.security:def:1581 | P | Security update for python (Moderate) | 2022-04-01
oval:org.opensuse.security:def:113030 | P | nginx-1.11.4-2.5 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:106473 | P | Security update for xorg-x11-server (Important) | 2021-12-20
oval:org.opensuse.security:def:68081 | P | Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP1) (Important) | 2021-11-17
oval:org.opensuse.security:def:1643 | P | Security update for libvirt (Moderate) | 2021-11-05
oval:org.opensuse.security:def:90061 | P | nginx-1.14.0-4.24 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:2137 | P | nginx-1.14.0-4.24 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:63226 | P | nginx-1.14.0-4.24 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:103716 | P | nginx-1.14.0-4.24 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:71321 | P | libtag1-1.11.1-2.50 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:97026 | P | nginx-1.14.0-4.24 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:66899 | P | Security update for aspell (Important) | 2021-08-20
oval:org.opensuse.security:def:47909 | P | unixODBC-2.3.6-7.9.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47541 | P | yast2-users-3.2.11-1.47 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47716 | P | libhivex0-1.3.10-4.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47527 | P | wpa_supplicant-2.2-14.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48227 | P | libxml2-2-2.9.4-46.20.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47595 | P | dosfstools-3.0.26-6.5 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48079 | P | libXi6-1.7.4-18.6.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47581 | P | crash-7.2.1-2.19 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48281 | P | python-cupshelpers-1.5.7-7.5 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47987 | P | cyrus-sasl-2.1.26-8.7.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47526 | P | wget-1.14-20.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48133 | P | libjbig2-2.0-12.13 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47855 | P | perl-YAML-LibYAML-0.38-10.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48041 | P | hardlink-1.0-6.38 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47662 | P | libFLAC++6-1.3.0-11.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47580 | P | cracklib-2.9.0-7.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:101384 | P | nginx-1.19.8-1.1 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:2269 | P | nginx-1.19.8-1.1 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:63358 | P | nginx-1.19.8-1.1 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:100943 | P | libnm0-1.22.10-3.7.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:1005 | P | gssproxy-0.8.2-3.6.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:64734 | P | Security update for curl (Moderate) | 2021-07-21
oval:org.opensuse.security:def:48754 | P | pulseaudio-module-bluetooth-5.0-2.7 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48441 | P | gvim-7.4.326-2.14 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48683 | P | libgio-fam-2.38.2-5.12 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48579 | P | mutt-1.6.0-54.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48808 | P | libwebkit2gtk-3_0-25-2.4.8-16.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48652 | P | xlockmore-5.43-5.30 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48495 | P | libgcrypt20-1.6.1-16.33.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48737 | P | libmikmod3-3.2.0-4.59 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48587 | P | p7zip-9.20.1-6.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48706 | P | telepathy-gabble-0.18.1-3.268 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48641 | P | vino-3.20.2-5.8 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48525 | P | libmusicbrainz4-2.1.5-27.79 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:66807 | P | Security update for avahi (Important) | 2021-06-03
oval:org.opensuse.security:def:67981 | P | Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP1) (Important) | 2021-04-28
oval:org.opensuse.security:def:73590 | P | Security update for wpa_supplicant (Moderate) | 2021-04-13
oval:org.opensuse.security:def:64647 | P | Security update for screen (Important) | 2021-02-17
oval:org.opensuse.security:def:70255 | P | Security update for nodejs8 (Moderate) | 2021-01-26
oval:org.opensuse.security:def:63172 | P | nginx-1.14.0-1.14 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:71434 | P | apache-commons-httpclient-3.1-9.65 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:117167 | P | nginx-1.16.1-1.21 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2199 | P | nginx-1.16.1-1.21 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63288 | P | nginx-1.16.1-1.21 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:107609 | P | nginx-1.16.1-1.21 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2083 | P | nginx-1.14.0-1.14 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:25631 | P | Security update for tar (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50022 | P | nginx on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25256 | P | Security update for ovmf (Low) | 2020-12-01
oval:org.opensuse.security:def:26327 | P | Security update for Chromium (Important) | 2020-12-01
oval:org.opensuse.security:def:25199 | P | Security update for java-1_7_1-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:49914 | P | mercurial on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50084 | P | nginx on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25118 | P | Security update for lftp (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49968 | P | nginx on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:24991 | P | Security update for java-1_7_0-openjdk (Important) | 2020-12-01
oval:org.opensuse.security:def:25543 | P | Security update for libgxps (Moderate) | 2020-12-01
oval:org.opensuse.security:def:24927 | P | Security update for nmap (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25689 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:24916 | P | Security update for sqlite3 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25490 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:26362 | P | Security update for nginx (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50030 | P | rmt-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73472 | P | sane-backends on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25645 | P | Security update for the Linux Kernel (Critical) | 2020-12-01
oval:org.opensuse.security:def:25340 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:70150 | P | blktrace on GA media (Moderate) | 2020-12-01
oval:org.cisecurity:def:854 | P | DSA-3592-1 -- nginx -- security update | 2016-07-29
oval:com.ubuntu.precise:def:20164450000 | V | CVE-2016-4450 on Ubuntu 12.04 LTS (precise) - medium. | 2016-06-07
oval:com.ubuntu.trusty:def:20164450000 | V | CVE-2016-4450 on Ubuntu 14.04 LTS (trusty) - medium. | 2016-06-07
oval:com.ubuntu.xenial:def:201644500000000 | V | CVE-2016-4450 on Ubuntu 16.04 LTS (xenial) - medium. | 2016-06-07
oval:com.ubuntu.xenial:def:20164450000 | V | CVE-2016-4450 on Ubuntu 16.04 LTS (xenial) - medium. | 2016-06-07