Lucene search
PRIOn knowledge basePRION:CVE-2012-1181HistoryMar 19, 2012 - 9:55 p.m.
Design/Logic Flaw
2012-03-1921:55:00
PRIOn knowledge base
www.prio-n.com
2
fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=615814
www.debian.org/security/2012/dsa-2436
www.openwall.com/lists/oss-security/2012/03/15/10
www.openwall.com/lists/oss-security/2012/03/16/2
www.securityfocus.com/bid/52565
exchange.xforce.ibmcloud.com/vulnerabilities/74181
issues.apache.org/bugzilla/show_bug.cgi?id=49902
Related
debian
debian
[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update
2012-03-19 19:24:30
securityvulns
securityvulns
[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update
2012-03-20 00:00:00
Apache FCGID module resources exhaustion
2012-03-20 00:00:00
openvas
openvas
Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
2012-04-30 00:00:00
Debian: Security Advisory (DSA-2436-1)
2012-04-30 00:00:00
Gentoo Security Advisory GLSA 201207-09 (mod_fcgid)
2012-08-10 00:00:00
nessus
nessus
Debian DSA-2436-1 : libapache2-mod-fcgid - inactive resource limits
2012-03-20 00:00:00
GLSA-201207-09 : mod_fcgid: Multiple vulnerabilities
2012-07-10 00:00:00
ubuntucve
ubuntucve
CVE-2012-1181
2012-03-19 00:00:00
debiancve
debiancve
CVE-2012-1181
2012-03-19 21:55:01
cvelist
cvelist
CVE-2012-1181
2012-03-19 21:00:00
cve
cve
CVE-2012-1181
2012-03-19 21:55:01
nvd
nvd
CVE-2012-1181
2012-03-19 21:55:01
gentoo
gentoo
mod_fcgid: Multiple vulnerabilities
2012-07-09 00:00:00