lighttpd -- FastCGI header overrun in mod_fastcgi

2007-09-09T00:00:00
ID 4B673AE7-5F9A-11DC-84DD-000102CC8983
Type freebsd
Reporter FreeBSD
Modified 2007-09-09T00:00:00

Description

lighttpd maintainer reports:

Lighttpd is prone to a header overflow when using the mod_fastcgi extension, this can lead to arbitrary code execution in the fastcgi application. For a detailed description of the bug see the external reference. This bug was found by Mattias Bengtsson and Philip Olausson