Oval Definition:	oval:org.mitre.oval:def:20021
Revision Date: 2014-06-23 Version: 7 Title: DSA-2778-1 libapache2-mod-fcgid - heap-based buffer overflow Description: Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2013-4365 DSA-2778-1 Platform(s): Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 Debian GNU/Linux 6.0 Debian GNU/Linux 7 Product(s): libapache2-mod-fcgid Definition Synopsis Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND libapache2-mod-fcgid DPKG is earlier than 1:2.3.6-1+squeeze2 Release section Debian 7 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND libapache2-mod-fcgid DPKG is earlier than 1:2.3.6-1.2+deb7u1
BACK