FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2013-4365

This CVE name corresponds to:

Entered Topic
2013-10-10 mod_fcgid -- possible heap buffer overwrite

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2013-4365 at cve.mitre.org

Details

Type Candidate
Name CVE-2013-4365
Phase Assigned(20130612)

Description

Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.

References

Source Reference
MLIST [dev] 20131008 [ANNOUNCE] mod_fcgid 2.3.9 released
CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1527362
DEBIAN DSA-2778
SUSE SUSE-SU-2013:1667
SUSE openSUSE-SU-2013:1609
SUSE openSUSE-SU-2013:1613
SUSE openSUSE-SU-2013:1664
SECUNIA 55197

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.