Search...

openSUSE Security Update : FastCGI (openSUSE-2011-102)

2014-06-13T00:00:00

ID OPENSUSE-2011-102.NASL
Type nessus
Reporter Tenable
Modified 2014-06-13T00:00:00

Description

added FastCGI-fix_deprecated_api.patch: (bnc#735882) Fixes an issue where CGI.pm received CGI variables from previous requests. CVE-2011-2766

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2011-102.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(74516);
  script_version("$Revision: 1.1 $");
  script_cvs_date("$Date: 2014/06/13 20:53:55 $");

  script_cve_id("CVE-2011-2766");

  script_name(english:"openSUSE Security Update : FastCGI (openSUSE-2011-102)");
  script_summary(english:"Check for the openSUSE-2011-102 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - added FastCGI-fix_deprecated_api.patch: (bnc#735882)
    Fixes an issue where CGI.pm received CGI variables from
    previous requests. CVE-2011-2766"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=735882"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected FastCGI packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:FastCGI");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:FastCGI-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:FastCGI-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:FastCGI-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-FastCGI");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-FastCGI-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/12/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.1", reference:"FastCGI-2.4.0-155.3.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"FastCGI-debuginfo-2.4.0-155.3.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"FastCGI-debugsource-2.4.0-155.3.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"FastCGI-devel-2.4.0-155.3.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"perl-FastCGI-2.4.0-155.3.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"perl-FastCGI-debuginfo-2.4.0-155.3.1") ) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "FastCGI / FastCGI-debuginfo / FastCGI-debugsource / FastCGI-devel / etc");
}

JSON Vulners Source

Initial Source

{"published": "2014-06-13T00:00:00", "id": "OPENSUSE-2011-102.NASL", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "history": [{"differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:12", "bulletin": {"enchantments": {}, "published": "2014-06-13T00:00:00", "id": "OPENSUSE-2011-102.NASL", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "history": [], "cpe": [], "hash": "8160b2d57dca00fedfaf7c6312dbf5239f89f73f2f7e1271c810c684ee9c32ae", "description": "- added FastCGI-fix_deprecated_api.patch: (bnc#735882) Fixes an issue where CGI.pm received CGI variables from previous requests. CVE-2011-2766", "type": "nessus", "pluginID": "74516", "lastseen": "2016-09-26T17:26:12", "edition": 1, "title": "openSUSE Security Update : FastCGI (openSUSE-2011-102)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74516", "modified": "2014-06-13T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2011-2766"], "references": ["https://bugzilla.novell.com/show_bug.cgi?id=735882"], "naslFamily": "SuSE Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-102.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74516);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:53:55 $\");\n\n script_cve_id(\"CVE-2011-2766\");\n\n script_name(english:\"openSUSE Security Update : FastCGI (openSUSE-2011-102)\");\n script_summary(english:\"Check for the openSUSE-2011-102 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - added FastCGI-fix_deprecated_api.patch: (bnc#735882)\n Fixes an issue where CGI.pm received CGI variables from\n previous requests. CVE-2011-2766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=735882\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected FastCGI packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:FastCGI\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:FastCGI-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:FastCGI-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:FastCGI-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-FastCGI\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-FastCGI-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"FastCGI-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"FastCGI-debuginfo-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"FastCGI-debugsource-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"FastCGI-devel-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-FastCGI-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-FastCGI-debuginfo-2.4.0-155.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"FastCGI / FastCGI-debuginfo / FastCGI-debugsource / FastCGI-devel / etc\");\n}\n", "hashmap": [{"hash": "9e79cb2bd97afb4476046d1876857f78", "key": "description"}, {"hash": "49436609980cea8093ed5f1a6ccae5b1", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "35c9c4fd0c3bf9a696e17e44ee606605", "key": "cvelist"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "modified"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "published"}, {"hash": "c41c211006e3f8726322c696c358bf96", "key": "pluginID"}, {"hash": "7b2bdfa58aae9dc9f5cc1d87a8942647", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "a9ea7c8039128f922337a286ff664c20", "key": "href"}, {"hash": "26894f881b4b5276f8edf4b3ef8b5b76", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "objectVersion": "1.2"}}], "description": "- added FastCGI-fix_deprecated_api.patch: (bnc#735882) Fixes an issue where CGI.pm received CGI variables from previous requests. CVE-2011-2766", "hash": "92967edef4c2f216e1f96a884698d747dfe3c8dc87a124c321b6d5480488b8b6", "enchantments": {"vulnersScore": 5.0}, "type": "nessus", "pluginID": "74516", "lastseen": "2017-10-29T13:43:56", "edition": 2, "cpe": ["cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:perl-FastCGI", "p-cpe:/a:novell:opensuse:FastCGI-debuginfo", "p-cpe:/a:novell:opensuse:FastCGI-debugsource", "p-cpe:/a:novell:opensuse:FastCGI", "p-cpe:/a:novell:opensuse:perl-FastCGI-debuginfo", "p-cpe:/a:novell:opensuse:FastCGI-devel"], "title": "openSUSE Security Update : FastCGI (openSUSE-2011-102)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74516", "modified": "2014-06-13T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2011-2766"], "references": ["https://bugzilla.novell.com/show_bug.cgi?id=735882"], "naslFamily": "SuSE Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-102.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74516);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:53:55 $\");\n\n script_cve_id(\"CVE-2011-2766\");\n\n script_name(english:\"openSUSE Security Update : FastCGI (openSUSE-2011-102)\");\n script_summary(english:\"Check for the openSUSE-2011-102 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - added FastCGI-fix_deprecated_api.patch: (bnc#735882)\n Fixes an issue where CGI.pm received CGI variables from\n previous requests. CVE-2011-2766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=735882\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected FastCGI packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:FastCGI\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:FastCGI-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:FastCGI-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:FastCGI-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-FastCGI\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-FastCGI-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"FastCGI-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"FastCGI-debuginfo-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"FastCGI-debugsource-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"FastCGI-devel-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-FastCGI-2.4.0-155.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-FastCGI-debuginfo-2.4.0-155.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"FastCGI / FastCGI-debuginfo / FastCGI-debugsource / FastCGI-devel / etc\");\n}\n", "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6743c6ccc550160f541ecd929ec589e7", "key": "cpe"}, {"hash": "35c9c4fd0c3bf9a696e17e44ee606605", "key": "cvelist"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "9e79cb2bd97afb4476046d1876857f78", "key": "description"}, {"hash": "a9ea7c8039128f922337a286ff664c20", "key": "href"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "modified"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "c41c211006e3f8726322c696c358bf96", "key": "pluginID"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "published"}, {"hash": "26894f881b4b5276f8edf4b3ef8b5b76", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "49436609980cea8093ed5f1a6ccae5b1", "key": "sourceData"}, {"hash": "7b2bdfa58aae9dc9f5cc1d87a8942647", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "objectVersion": "1.3"}

{"result": {"cve": [{"id": "CVE-2011-2766", "type": "cve", "title": "CVE-2011-2766", "description": "The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.", "published": "2011-09-23T06:55:03", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2766", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-08-29T11:19:30"}], "debian": [{"id": "DSA-2327", "type": "debian", "title": "libfcgi-perl -- authentication bypass", "description": "Ferdinand Smit discovered that FCGI, a Perl module for writing FastCGI applications, is incorrectly restoring environment variables of a prior request in subsequent requests. In some cases this may lead to authentication bypasses or worse.\n\nThe oldstable distribution (lenny) is not affected by this problem.\n\nFor the stable distribution (squeeze), this problem has been fixed in version 0.71-1+squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in version 0.73-2.\n\nFor the unstable distribution (sid), this problem has been fixed in version 0.73-2.\n\nWe recommend that you upgrade your libfcgi-perl packages.", "published": "2011-10-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-2327", "cvelist": ["CVE-2011-2766"], "lastseen": "2016-09-02T18:33:20"}], "nessus": [{"id": "ALA_ALAS-2011-5.NASL", "type": "nessus", "title": "Amazon Linux AMI : perl-FCGI (ALAS-2011-5)", "description": "The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.", "published": "2014-10-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=78266", "cvelist": ["CVE-2011-2766"], "lastseen": "2018-04-19T07:45:18"}, {"id": "FEDORA_2011-13230.NASL", "type": "nessus", "title": "Fedora 15 : perl-FCGI-0.74-1.fc15 (2011-13230)", "description": "This update to the latest upstream version resolves CVE-2011-2766 - stop leaking information across requests when using the deprecated and undocumented old FCGI interface.\n\nThis update resolves CVE-2011-2766 and includes several additional fixes. See the upstream [changelog](http://cpansearch.perl.org/src/FLORA/FCGI-0.73/ChangeLog) for further details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-10-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56366", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-10-29T13:42:35"}, {"id": "DEBIAN_DSA-2327.NASL", "type": "nessus", "title": "Debian DSA-2327-1 : libfcgi-perl - authentication bypass", "description": "Ferdinand Smit discovered that FCGI, a Perl module for writing FastCGI applications, is incorrectly restoring environment variables of a prior request in subsequent requests. In some cases this may lead to authentication bypasses or worse.\n\nThe oldstable distribution (lenny) is not affected by this problem.", "published": "2011-10-25T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56623", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-10-29T13:36:13"}, {"id": "SUSE_11_4_FASTCGI-111222.NASL", "type": "nessus", "title": "openSUSE Security Update : FastCGI (openSUSE-SU-2012:0004-1)", "description": "This update fixes the following security issues :\n\n - 735882: FastCGI: bypass authentication (CVE-2011-2766)", "published": "2014-06-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=75828", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-10-29T13:43:12"}, {"id": "ALA_ALAS-2011-05.NASL", "type": "nessus", "title": "Amazon Linux AMI : perl-FCGI (ALAS-2011-05)", "description": "The MITRE CVE database describes CVE-2011-2766 as :\n\nThe FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.", "published": "2013-09-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=69564", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-10-29T13:39:04"}, {"id": "FEDORA_2011-13236.NASL", "type": "nessus", "title": "Fedora 14 : perl-FCGI-0.74-1.fc14 (2011-13236)", "description": "This update to the latest upstream version resolves CVE-2011-2766 - stop leaking information across requests when using the deprecated and undocumented old FCGI interface.\n\nThis update resolves CVE-2011-2766 and includes several additional fixes. See the upstream [changelog](http://cpansearch.perl.org/src/FLORA/FCGI-0.73/ChangeLog) for further details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-10-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56368", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-10-29T13:44:13"}, {"id": "SUSE_11_3_FASTCGI-111222.NASL", "type": "nessus", "title": "openSUSE Security Update : FastCGI (openSUSE-SU-2012:0004-1)", "description": "This update fixes the following security issues :\n\n - 735882: FastCGI: bypass authentication (CVE-2011-2766)", "published": "2014-06-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=75486", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-10-29T13:34:19"}, {"id": "FEDORA_2011-13130.NASL", "type": "nessus", "title": "Fedora 16 : perl-FCGI-0.74-1.fc16 (2011-13130)", "description": "This update to the latest upstream version resolves CVE-2011-2766 - stop leaking information across requests when using the deprecated and undocumented old FCGI interface.\n\nThis update resolves CVE-2011-2766.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-10-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56363", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-10-29T13:34:55"}, {"id": "MANDRIVA_MDVSA-2012-001.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : fcgi (MDVSA-2012:001)", "description": "A vulnerability has been found and corrected in fcgi :\n\nThe FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers (CVE-2011-2766).\n\nThe updated packages have been patched to correct this issue.", "published": "2012-01-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=57428", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-10-29T13:43:53"}], "openvas": [{"id": "OPENVAS:1361412562310120515", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2011-5", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120515", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-07-24T12:55:35"}, {"id": "OPENVAS:1361412562310831521", "type": "openvas", "title": "Mandriva Update for fcgi MDVSA-2012:001 (fcgi)", "description": "Check for the Version of fcgi", "published": "2012-01-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831521", "cvelist": ["CVE-2011-2766"], "lastseen": "2018-04-06T11:20:54"}, {"id": "OPENVAS:70542", "type": "openvas", "title": "Debian Security Advisory DSA 2327-1 (libfcgi-perl)", "description": "The remote host is missing an update to libfcgi-perl\nannounced via advisory DSA 2327-1.", "published": "2012-02-11T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=70542", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-07-24T12:50:28"}, {"id": "OPENVAS:863985", "type": "openvas", "title": "Fedora Update for perl-FCGI FEDORA-2011-13130", "description": "Check for the Version of perl-FCGI", "published": "2012-04-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=863985", "cvelist": ["CVE-2011-2766"], "lastseen": "2018-01-03T10:57:20"}, {"id": "OPENVAS:831521", "type": "openvas", "title": "Mandriva Update for fcgi MDVSA-2012:001 (fcgi)", "description": "Check for the Version of fcgi", "published": "2012-01-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=831521", "cvelist": ["CVE-2011-2766"], "lastseen": "2018-01-06T13:08:01"}, {"id": "OPENVAS:863561", "type": "openvas", "title": "Fedora Update for perl-FCGI FEDORA-2011-13236", "description": "Check for the Version of perl-FCGI", "published": "2011-10-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=863561", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-07-25T10:55:38"}, {"id": "OPENVAS:136141256231070542", "type": "openvas", "title": "Debian Security Advisory DSA 2327-1 (libfcgi-perl)", "description": "The remote host is missing an update to libfcgi-perl\nannounced via advisory DSA 2327-1.", "published": "2012-02-11T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070542", "cvelist": ["CVE-2011-2766"], "lastseen": "2018-04-06T11:16:28"}, {"id": "OPENVAS:1361412562310863560", "type": "openvas", "title": "Fedora Update for perl-FCGI FEDORA-2011-13230", "description": "Check for the Version of perl-FCGI", "published": "2011-10-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863560", "cvelist": ["CVE-2011-2766"], "lastseen": "2018-04-09T11:35:43"}, {"id": "OPENVAS:1361412562310863561", "type": "openvas", "title": "Fedora Update for perl-FCGI FEDORA-2011-13236", "description": "Check for the Version of perl-FCGI", "published": "2011-10-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863561", "cvelist": ["CVE-2011-2766"], "lastseen": "2018-04-09T11:36:51"}, {"id": "OPENVAS:863560", "type": "openvas", "title": "Fedora Update for perl-FCGI FEDORA-2011-13230", "description": "Check for the Version of perl-FCGI", "published": "2011-10-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=863560", "cvelist": ["CVE-2011-2766"], "lastseen": "2017-07-25T10:55:24"}], "amazon": [{"id": "ALAS-2011-5", "type": "amazon", "title": "Medium: perl-FCGI", "description": "**Issue Overview:**\n\nThe FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.\n\n \n**Affected Packages:** \n\n\nperl-FCGI\n\n \n**Issue Correction:** \nRun _yum update perl-FCGI_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n perl-FCGI-debuginfo-0.74-1.0.amzn1.i686 \n perl-FCGI-0.74-1.0.amzn1.i686 \n \n src: \n perl-FCGI-0.74-1.0.amzn1.src \n \n x86_64: \n perl-FCGI-debuginfo-0.74-1.0.amzn1.x86_64 \n perl-FCGI-0.74-1.0.amzn1.x86_64 \n \n \n", "published": "2011-10-10T23:48:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2011-5.html", "cvelist": ["CVE-2011-2766"], "lastseen": "2016-09-28T21:04:11"}]}}