Intrusion Prevention

Nginx.DNS.Resolver.DoS

Description

This indicates an attack attempt against Denial of Service vulnerability exists in Nginx.
The vulnerability is due to an error when the vulnerable software handles maliciously crafted DNS requests. A remote attacker can exploit this to crash the target vulnerable system, via a crafted request.

Affected Products

nginx HTTP Server 0.6.18 through 1.9.9

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html?_ga=1.26237502.2054837970.1454099193

CVE References

CVE-2016-0742