Computer Security

Apache mod-fcgid stack overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Apache mod-fcgid stack overflow
Published:07.01.2011
Source:BUGTRAQ
SecurityVulns ID:11338
Type:local
Level:5/10
Description:Untrusted FCGI application may cause stack overflow.
Affected:APACHE : mod_fcgid 2.3
CVE:CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c in Apache mod_fcgid before 2.3.6 does not use bytewise pointer arithmetic in certain circumstances, which has unknown impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite.")
Original documentdocumentDEBIAN, [SECURITY] [DSA-2140-1] New libapache2-mod-fcgid packages fixes stack overflow (07.01.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru