Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27824
HistoryMar 20, 2012 - 12:00 a.m.

[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update

2012-03-2000:00:00
vulners.com
58
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Debian Security Advisory DSA-2436-1 [email protected]
http://www.debian.org/security/ Thijs Kinkhorst
March 19, 2012 http://www.debian.org/security/faq

Package : libapache2-mod-fcgid
Vulnerability : inactive resource limits
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-1181
Debian Bug : 615814

It was discovered that the Apache FCGID module, a FastCGI implementation,
did not properly enforce the FcgidMaxProcessesPerClass resource limit,
rendering this control ineffective and potentially allowing a virtual
host to consume excessive resources.

For the stable distribution (squeeze), this problem has been fixed in
version 1:2.3.6-1+squeeze1.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 1:2.3.6-1.1.

We recommend that you upgrade your libapache2-mod-fcgid packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJPZ4U8AAoJEOxfUAG2iX57K8kIAK+ux3WVWLKD4Tf7t3T5udBE
txQi5RPpP0YPtyRW3Kd96MxoSXupb4oarlCY27S/sneVyfOnpZo5BaLp0ODv7ijQ
vSjUQpvedLwI+kl2bLY19j4kHB+s0U1RVlKGePuTv1RjRhas7PiE/uSxJL5k2u98
9VswXCEIERdZcaGG/kaPBbtkRUTDVsBeJkwuZdTBRRmud0ZWItCiDE4HbZk50O7j
z20CS7IZaQDBZjKoMvbMCnQZr7tR1/qOGBIIwsiSB+VcOAVPxv5iO1tcPx5/dl93
Ip+I6uojsduLIaFkS6LF5u75izxSrmFOfkF0/uZ8ORfjRxiQ/Y5T8Q6yVaK4E9M=
=JNMH
-----END PGP SIGNATURE-----

Related

prion 1
openvas 4
cve 1
debian 1
nessus 2
ubuntucve 1
debiancve 1
securityvulns 1
gentoo 1
prion
prion
Design/Logic Flaw
2012-03-19 21:55:00
openvas
openvas
Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
2012-04-30 00:00:00
Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
2012-04-30 00:00:00
Gentoo Security Advisory GLSA 201207-09 (mod_fcgid)
2012-08-10 00:00:00
cve
cve
CVE-2012-1181
2012-03-19 21:55:00
debian
debian
[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update
2012-03-19 19:24:30
nessus
nessus
Debian DSA-2436-1 : libapache2-mod-fcgid - inactive resource limits
2012-03-20 00:00:00
GLSA-201207-09 : mod_fcgid: Multiple vulnerabilities
2012-07-10 00:00:00
ubuntucve
ubuntucve
CVE-2012-1181
2012-03-19 00:00:00
debiancve
debiancve
CVE-2012-1181
2012-03-19 21:55:00
securityvulns
securityvulns
Apache FCGID module resources exhaustion
2012-03-20 00:00:00
gentoo
gentoo
mod_fcgid: Multiple vulnerabilities
2012-07-09 00:00:00
JSON
Related for SECURITYVULNS:DOC:27824
prion1openvas4cve1debian1nessus2ubuntucve1debiancve1securityvulns1gentoo1