Debian: 2778-1: libapache2-mod-fcgid: heap-based buffer overflow

Posted by Ridcully on Oct 15, 2013 7:41 AM EDT; By Benjamin D. Thomas
Mail this story
Print this story

Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

Full Story

» Read more about: Story Type: Announcements, Security; Groups: Apache, Debian

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.