A bug in Nginx, one of the most popular open source Web servers, has been fixed.
Developers said this week that version 1.4.1 will fix a stack-based buffer overflow that might occur in a worker process while handling a specially crafted request. The bug had appeared in version 1.3.9, which was released last November and could be exploited in version 1.4.0 – released last month — as well.
(Illustration from Shutterstock)
According to a May study of 672,000 Web sites by Netcraft, Nginx is the third most popular Web server, after Apache and Microsoft IIS, with 15.5 per cent of the market. One of the biggest users is the WordPress blog hosting service, said Netcraft.
A Network World U.S. story about the latest bug fix concluded that a new Nginx backdoor exploit that has just been discovered is evidence that the unheralded server is now attracting hackers.