CVE-2009-2629

nginx <0.5.37, <0.6.39, <0.7.62, <0.8.15 - RCE

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2629. PoCs published by Aaron Conole.

AI-analyzed exploit summary: This exploit targets a heap corruption vulnerability in nginx versions <= 0.6.38 and <= 0.7.61 (CVE-2009-2629). It leverages a crafted HTTP request with a specific pattern to corrupt memory and execute a bind shell on port 31337.

Description

Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Aaron Conole · python · local · linux
https://www.exploit-db.com/exploits/14830

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Complex
Reliability: Racy
Target: nginx <= 0.6.38, <= 0.7.61
No auth needed
Prerequisites: merge_slashes enabled in nginx configuration · 32-bit x86 architecture · precise memory address calculation
devstral-2 · analyzed Feb 16, 2026

References (10)

Core References
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/180065
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html
Release Notes, Vendor Advisory x_refsource_confirm
http://nginx.net/CHANGES-0.7
Release Notes, Vendor Advisory x_refsource_confirm
http://nginx.net/CHANGES
Broken Link x_refsource_confirm
http://sysoev.ru/nginx/patch.180065.txt
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2009/dsa-1884
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html
Release Notes, Vendor Advisory x_refsource_confirm
http://nginx.net/CHANGES-0.5
Release Notes, Vendor Advisory x_refsource_confirm
http://nginx.net/CHANGES-0.6

Scores

EPSS 0.6690
EPSS Percentile 99.2%

Details

CWE: CWE-787
Status: published
Products (7)
debian/debian_linux 4.0
debian/debian_linux 5.0
debian/debian_linux 6.0
f5/nginx 0.1.0 - 0.5.38
fedoraproject/fedora 10
fedoraproject/fedora 11
fedoraproject/fedora 12
Published Sep 15, 2009
Tracked Since Feb 18, 2026