Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-2766HistorySep 23, 2011 - 10:55 a.m.
CVE-2011-2766
2011-09-2310:55:03
Debian Security Bug Tracker
security-tracker.debian.org
5
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
61.1%
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libfcgi-perl | < 0.73-2 | libfcgi-perl_0.73-2_all.deb |
| Debian | 11 | all | libfcgi-perl | < 0.73-2 | libfcgi-perl_0.73-2_all.deb |
| Debian | 999 | all | libfcgi-perl | < 0.73-2 | libfcgi-perl_0.73-2_all.deb |
| Debian | 13 | all | libfcgi-perl | < 0.73-2 | libfcgi-perl_0.73-2_all.deb |
Related
nessus
nessus
openSUSE Security Update : FastCGI (openSUSE-2011-102)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : fcgi (MDVSA-2012:001)
2012-01-03 00:00:00
Amazon Linux AMI : perl-FCGI (ALAS-2011-5)
2014-10-12 00:00:00
openvas
openvas
Mandriva Update for fcgi MDVSA-2012:001 (fcgi)
2012-01-09 00:00:00
Debian Security Advisory DSA 2327-1 (libfcgi-perl)
2012-02-11 00:00:00
Fedora Update for perl-FCGI FEDORA-2011-13130
2012-04-02 00:00:00
ubuntucve
ubuntucve
CVE-2011-2766
2011-09-23 00:00:00
amazon
amazon
Medium: perl-FCGI
2011-10-10 23:48:00
debian
debian
[SECURITY] [DSA 2327-1] libfcgi-perl security-update
2011-10-24 18:16:30
fedora
fedora
[SECURITY] Fedora 14 Update: perl-FCGI-0.74-1.fc14
2011-10-02 22:58:12
[SECURITY] Fedora 16 Update: perl-FCGI-0.74-1.fc16
2011-10-02 18:17:56
[SECURITY] Fedora 15 Update: perl-FCGI-0.74-1.fc15
2011-10-02 23:03:42
nvd
nvd
CVE-2011-2766
2011-09-23 10:55:03
prion
prion
Authentication flaw
2011-09-23 10:55:00
cvelist
cvelist
CVE-2011-2766
2011-09-23 10:00:00
cve
cve
CVE-2011-2766
2011-09-23 10:55:03
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
61.1%
Related for DEBIANCVE:CVE-2011-2766