Hello, a friend of mine called my attention to the following link: http://malware.dontneedcoffee.com/2013/01/0-day-17... I'm new to the server's world, so I'm not sure, wether this is "just" a Java problem, but also a nginx one, since the server in question is nginx 1.0.15 … However, it might be a good idea to spread the word of this security hole. Regards, Andre Jaenisch
on 2013-01-11 12:29
on 2013-01-11 12:35
It is in the Java plugin running on the browser, nothing to do with NGINX. The Java zeroday is webserver agnostic, which means that is compatible with Apache, NGINX, Lighttpd etc. It requires a webpage to show an applet, and everything goes to hell afterwards. Disable your Java plugin in your browser, and never activate it again. 2013/1/11 Andre Jaenisch <andrejaenisch@googlemail.com>
Enable email notification
Enable multi-page viewPlease log in before posting. Registration is free and takes only a minute.
Existing account
(Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
Log in with Google account | Log in with Yahoo account
No account? Register here.