MGASA-2015-0184

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0184.html

Import Source

https://advisories.mageia.org/MGASA-2015-0184.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2015-0184

Related

CVE-2012-6687

Published

2015-05-03T00:19:16Z

Modified

2015-05-03T00:08:45Z

Summary

Updated fcgi packages fix CVE-2012-6687

Details

Updated fcgi packages fix security vulnerability:

FCGI does not perform range checks for file descriptors before use of the FDSET macro. This FDSET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening many socket connections to the host and crashing the service (CVE-2012-6687).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / fcgi

Package

Name: fcgi
Purl: pkg:rpm/mageia/fcgi?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.0-15.1.mga4

Ecosystem specific

{
    "section": "core"
}