Debian: DSA-2140-1: New libapache2-mod-fcgid packages fixes stack overflow
Debian: DSA-2140-1: New libapache2-mod-fcgid packages fixes stack overflow
A vulnerability has been found in Apache mod_fcgid. The Common Vulnerabilities and Exposures project identifies the following problem:
- ------------------------------------------------------------------------ Debian Security Advisory DSA-2140-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Stefan Fritsch January 05, 2011 https://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : libapache2-mod-fcgid Vulnerability : stack overflow Problem type : local Debian-specific: no CVE ID : CVE-2010-3872 A vulnerability has been found in Apache mod_fcgid. The Common Vulnerabilities and Exposures project identifies the following problem: CVE-2010-3872 A stack overflow could allow an untrusted FCGI application to cause a server crash or possibly to execute arbitrary code as the user running the web server. For the stable distribution (lenny), this problem has been fixed in version 2.2-1+lenny1. For the unstable distribution (sid), and the testing distribution (squeeze), this problem has been fixed in version 2.3.6-1. We recommend that you upgrade your libapache2-mod-fcgid packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.