FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-4727

This CVE name corresponds to:

Entered Topic
2007-09-10 lighttpd -- FastCGI header overrun in mod_fastcgi

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-4727 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-4727
Phase Assigned(20070905)

Description

Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a "header overflow."

References

Source Reference
BUGTRAQ 20070917 FLEA-2007-0054-1 lighttpd
MISC http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/
MISC https://bugzilla.redhat.com/show_bug.cgi?id=284511
CONFIRM http://trac.lighttpd.net/trac/changeset/1986
CONFIRM http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt
CONFIRM https://issues.rpath.com/browse/RPL-1715
FEDORA FEDORA-2007-2132
GENTOO GLSA-200709-16
SUSE SUSE-SR:2007:020
BID 25622
VUPEN ADV-2007-3110
SECUNIA 26732
SECUNIA 26794
SECUNIA 26824
SECUNIA 26997
SECUNIA 27229
SREASON 3127
XF lighttpd-modfastcgi-code-execution(36526)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.