Fluid Attacks Database

Description

A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	libapache2-mod-fcgid	>=0 <1:2.3.6-1	1:2.3.6-1
debian 13	libapache2-mod-fcgid	>=0 <1:2.3.6-1	1:2.3.6-1
debian 11	libapache2-mod-fcgid	>=0 <1:2.3.6-1	1:2.3.6-1
debian 14	libapache2-mod-fcgid	>=0 <1:2.3.6-1	1:2.3.6-1

Aliases

1. CVE-2010-38722. NVD-2010-38723. OSV-DEBIAN-2010-38724. OSV-2010-38725. SECURITY-TRACKER-CVE-2010-3872

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.