EUVD-2010-3850

Malware in sbrugna...

Heap overflow

Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...

CVE-2013-4365

Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...

CVE-2013-4365

The vulnerability CVE-2013-4365 affects Apache HTTP Server’s mod_fcgid module. A heap-based buffer overflow in fcgid_header_bucket_read (fcgid_bucket.c) prior to version 2.3.9 could allow remote attackers to cause an impact via unspecified vectors. Affected product/version: mod_fcgid before 2.3.9...

Design/Logic Flaw

fcgidspawnctl.c in the modfcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service memory consumption via a series of HTTP requests that triggers a process...