Welcome! Log In Create A New Profile

Advanced

Re: Zero day security hole in Java plugin

Previous Message Next Message
Forum List Message List New Topic Print View
Kasper Grubbe
January 11, 2013 06:36AM
It is in the Java plugin running on the browser, nothing to do with NGINX.

The Java zeroday is webserver agnostic, which means that is compatible with
Apache, NGINX, Lighttpd etc.

It requires a webpage to show an applet, and everything goes to hell
afterwards.

Disable your Java plugin in your browser, and never activate it again.


2013/1/11 Andre Jaenisch <andrejaenisch@googlemail.com>

> Hello,
>
> a friend of mine called my attention to the following link:
>
> http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html
>
> I'm new to the server's world, so I'm not sure, wether this is "just"
> a Java problem, but also a nginx one, since the server in question is
> nginx 1.0.15 …
> However, it might be a good idea to spread the word of this security hole..
>
> Regards,
>
>
> Andre Jaenisch
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

Zero day security hole in Java plugin

Andre Jaenisch January 11, 2013 06:30AM

Re: Zero day security hole in Java plugin

Kasper Grubbe January 11, 2013 06:36AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 186
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready