9 matches found
Gentoo Security Advisory GLSA 201207-09 (mod_fcgid)
The remote host is missing updates announced in advisory GLSA 201207-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Debian: Security Advisory (DSA-2436-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2436-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 19, 2012 http://www.debian.org/security/faq -...
Debian DSA-2436-1 : libapache2-mod-fcgid - inactive resource limits
It was discovered that the Apache FCGID module, a FastCGI implementation, did not properly enforce the FcgidMaxProcessesPerClass resource limit, rendering this control ineffective and potentially allowing a virtual host to consume excessive resources. %NASLMINLEVEL 70300 C Tenable Network Securit...
CVE-2012-1181
fcgidspawnctl.c in the modfcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service memory consumption via a series of HTTP requests that triggers a process...
CVE-2012-1181
fcgidspawnctl.c in the modfcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service memory consumption via a series of HTTP requests that triggers a process...
CVE-2012-1181
fcgidspawnctl.c in the modfcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service memory consumption via a series of HTTP requests that triggers a process...
CVE-2012-1181
CVE-2012-1181 affects the Apache mod_fcgid module (version 2.3.6) where fcgid_spawn_ctl.c fails to recognize the FcgidMaxProcessesPerClass directive for a virtual host. This misbehavior can allow remote attackers to trigger a higher-than-intended process count, leading to memory consumption and p...
CVE-2012-1181
fcgidspawnctl.c in the modfcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service memory consumption via a series of HTTP requests that triggers a process...