[SECURITY] [DLA 431-1] libfcgi-perl security update

Package : libfcgi-perl Version : 0.71-1+squeeze1+deb6u1 CVE ID : CVE-2012-6687 Debian Bug : 815840 It was discovered that there was a remote denial of service in libfcgi-perl, a helper library for implementing the FastCGI web server protocol for Perl. For Debian 6 Squeeze, this issue has been fix...

DLA-431-1 libfcgi-perl - security update

Bulletin has no description...

DLA-430-1 libfcgi - security update

Bulletin has no description...

PHP FastCGI 远程利用命令执行

No description provided by source...

httpd: mod_proxy_fcgi handle_headers() buffer over read

A buffer overflow flaw was found in modproxyfcgi's handleheaders function. A malicious FastCGI server that httpd is configured to connect to could send a carefully crafted response that would cause an httpd child process handling the request to crash...

[SECURITY] Fedora 21 Update: lighttpd-1.4.36-1.fc21

Secure, fast, compliant and very flexible web-server which has been optimiz ed for high-performance environments. It has a very low memory footprint compa red to other webservers and takes care of cpu-load. Its advanced feature-set FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many mo...

ShopEx服务器配置不当（可shell可泄漏内外信息）

简要描述： 第一次来玩这个站。。。 详细说明： fastcgi的9000端口问题，是shopex的爬虫服务器 然后确定ip地址 看看arp信息 虽然域名是sarShopEx 漏洞证明： 查看passwd文件。。。 通过hosts文件得知域名是sradar.cn下的二级域名，该域名也是属于shopEx的。。。...

FastCGI buffer overflow

Buffer overflow on fdset structure handling...

[SECURITY] Fedora 20 Update: fcgi-2.4.0-26.fc20

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs...

[SECURITY] Fedora 21 Update: fcgi-2.4.0-26.fc21

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs...

[SECURITY] Fedora 21 Update: cherokee-1.2.103-6.fc21

Cherokee is a very fast, flexible and easy to configure Web Server. It supp orts the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more...

[SECURITY] Fedora 22 Update: cherokee-1.2.103-6.fc22

Cherokee is a very fast, flexible and easy to configure Web Server. It supp orts the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more...

Debian DLA-21-1 : fail2ban security update

Use anchored failregex for filters to avoid possible DoS. Manually picked up from the current status of 0.8 branch as of 0.8.13-29-g09b2016 : - CVE-2013-7176: postfix.conf - anchored on the front, expects 'postfix/smtpd' prefix in the log line - CVE-2013-7177: cyrus-imap.conf - anchored on the...

Fedora 20 : php-5.5.22-1.fc20 (2015-2328)

19 Feb 2015, PHP 5.5.22 Core : - Fixed bug 67068 getClosure returns somethings that's not a closure. Danack at basereality dot com - Fixed bug 68925 Mitigation for CVE-2015-0235 ' GHOST: glibc gethostbyname buffer overflow. Stas - Fixed bug 68942 Use after free vulnerability in unserialize with...

FastCGI denial of service vulnerability

FastCGI is a protocol that allows interactive programs to communicate with a Web server, the Fast Common Gateway Interface Fast Common Gateway Interface. A denial of service vulnerability exists in FastCGI 2.4.0, which allows remote attackers to cause a denial of service via a large number of...

Apache HTTP Server 2.4.10 FastCGI DoS

Binary data 8938.prm...

Fedora 21 : php-5.6.6-1.fc21 (2015-2315)

19 Feb 2015, PHP 5.6.6 Core : - Removed support for multi-line headers, as the are deprecated by RFC 7230. Stas - Fixed bug 67068 getClosure returns somethings that's not a closure. Danack at basereality dot com - Fixed bug 68942 Use after free vulnerability in unserialize with DateTimeZone...

AZL-34685 CVE-2012-6687 affecting package fcgi for versions less than 2.4.0-7

FastCGI aka fcgi and libfcgi 2.4.0 allows remote attackers to cause a denial of service segmentation fault and crash via a large number of connections...

CVE-2012-6687

FastCGI aka fcgi and libfcgi 2.4.0 allows remote attackers to cause a denial of service segmentation fault and crash via a large number of connections...

AZL-6418 CVE-2012-6687 affecting package fcgi for versions less than 2.4.0-7

FastCGI aka fcgi and libfcgi 2.4.0 allows remote attackers to cause a denial of service segmentation fault and crash via a large number of connections...