CVE-2010-3872

A flaw was found in the modfcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgidbucket.c file in the fcgidheaderbucket_read() function, resulting in an application crash.

References

Affected packages

Debian:11 / libapache2-mod-fcgid

Package

Name: libapache2-mod-fcgid
Purl: pkg:deb/debian/libapache2-mod-fcgid?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libapache2-mod-fcgid

Package

Name: libapache2-mod-fcgid
Purl: pkg:deb/debian/libapache2-mod-fcgid?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libapache2-mod-fcgid

Package

Name: libapache2-mod-fcgid
Purl: pkg:deb/debian/libapache2-mod-fcgid?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}