Computer Security
[EN] securityvulns.ru no-pyccku


Apache mod-fcgid stack overflow
Published:07.01.2011
Source:
SecurityVulns ID:11338
Type:local
Threat Level:
5/10
Description:Untrusted FCGI application may cause stack overflow.
Affected:APACHE : mod_fcgid 2.3
CVE:CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c in Apache mod_fcgid before 2.3.6 does not use bytewise pointer arithmetic in certain circumstances, which has unknown impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite.")
Original documentdocumentDEBIAN, [SECURITY] [DSA-2140-1] New libapache2-mod-fcgid packages fixes stack overflow (07.01.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod