CVE-2009-3898 in F5 Networks and NGINX Products
Published on November 24, 2009

Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.

Vendor Advisory NVD

Products Associated with CVE-2009-3898

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2009-3898 are published in these products:

F5 Networks Nginx

nginx

Exploit Probability

EPSS

1.08%

Percentile

77.49%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2009-3898 in F5 Networks and NGINX ProductsPublished on November 24, 2009

Products Associated with CVE-2009-3898

Exploit Probability

CVE-2009-3898 in F5 Networks and NGINX Products
Published on November 24, 2009