Website:

I. BACKGROUND
---------------------

Nginx is an HTTP and reverse proxy server, as well as a mail proxy server, written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VKontakte, and Rambler. According to Netcraft, nginx served or proxied 12.96% of the busiest sites in April 2013. Here are some of the success stories: Netflix, FastMail.FM.

II. DESCRIPTION
---------------------

Qihoo 360 Web Security Research Team discovered a critical vulnerability in nginx.

The vulnerability is caused by an integer overflow error within the Nginx ngx_http_close_connection function when r->count is less than 0 or more than 255, which could be exploited by remote attackers to compromise a vulnerable system via malicious HTTP requests.

III. AFFECTED PRODUCTS
---------------------------

Nginx, all latest versions

IV. Exploits/PoCs
---------------------------------------

In-depth technical analysis of the vulnerability and a fully functional remote code execution exploit are available through safe3q (at) gmail (dot) com.

In the ngx_http_discard_request_body function in src/http/ngx_http_request_body.c, we can make r->count++.

V. VUPEN Threat Protection Program
-----------------------------------

VI. SOLUTION
----------------

Validate the r->count input.

VII. CREDIT
--------------

This vulnerability was discovered by Safe3 of Qihoo 360.

VIII. ABOUT Qihoo 360
---------------------------

Qihoo 360 is the leading provider of defensive and offensive web cloud security in China.
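
The validation recommended under VI. SOLUTION, as an added example that is not nginx code and not the advisory author's: a constructed `struct request` with an 8-bit `count` field (an assumption, chosen to match the 0 to 255 range named under II. DESCRIPTION) shows the unchecked wraparound next to checked increment and decrement helpers. All struct and function names are hypothetical.

```c
#include <stdio.h>

#define COUNT_MAX 255    /* upper bound named in the advisory */

/* Constructed stand-in for a request object; not nginx's real struct. */
struct request {
    unsigned count:8;    /* assumption: 8-bit reference counter */
};

/* Unchecked form: n increments on an 8-bit field wrap modulo 256. */
unsigned unchecked_hold_n(unsigned n)
{
    struct request r = { 0 };
    while (n--)
        r.count++;
    return r.count;
}

/* Checked increment: refuse to go past COUNT_MAX. Returns 0 or -1. */
int checked_hold(struct request *r)
{
    if (r->count >= COUNT_MAX)
        return -1;       /* one more would wrap the counter to 0 */
    r->count++;
    return 0;
}

/* Checked decrement: returns 1 when the last reference is dropped (the
 * caller may close), 0 if references remain, -1 if count was already 0. */
int checked_release(struct request *r)
{
    if (r->count == 0)
        return -1;       /* one less would wrap the counter to 255 */
    r->count--;
    return r->count == 0 ? 1 : 0;
}

int main(void)
{
    struct request r = { 255 };
    printf("unchecked, 256 holds from 0: count=%u\n", unchecked_hold_n(256));
    printf("checked hold at 255: %d\n", checked_hold(&r));
    return 0;
}
```

A caller that receives -1 from either helper should treat the request as corrupt and abort it rather than continue to the close path.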