4 matches found
CVE-2013-4365
The vulnerability CVE-2013-4365 affects Apache HTTP Server’s mod_fcgid module. A heap-based buffer overflow in fcgid_header_bucket_read (fcgid_bucket.c) prior to version 2.3.9 could allow remote attackers to cause an impact via unspecified vectors. Affected product/version: mod_fcgid before 2.3.9...
CVE-2016-1000104
A security Bypass vulnerability exists in the FcgidPassHeader Proxy of the Apache mod_fcgid module (through 2016-07-07). Affected component: mod_fcgid (FcgidPassHeader Proxy). Root cause: bypass vulnerability in FcgidPassHeader handling. Impact is stated as high by CVSS3.1 (AV:N/AC:L/PR:L/UI:N/S:...
CVE-2010-3872
The CVE-2010-3872 issue affects Apache mod_fcgid. A flaw in fcgid_header_bucket_read() (fcgid_bucket.c) could trigger a stack-based buffer overflow from malformed FastCGI responses, potentially crashing the server or allowing arbitrary code execution with the server’s privileges. Public sources i...
CVE-2012-1181
CVE-2012-1181 affects the Apache mod_fcgid module (version 2.3.6) where fcgid_spawn_ctl.c fails to recognize the FcgidMaxProcessesPerClass directive for a virtual host. This misbehavior can allow remote attackers to trigger a higher-than-intended process count, leading to memory consumption and p...