Описание
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-2766
- https://bugzilla.redhat.com/show_bug.cgi?id=736604
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69709
- https://hermes.opensuse.org/messages/13154637
- https://hermes.opensuse.org/messages/13155253
- https://rt.cpan.org/Public/Bug/Display.html?id=68380
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607479
- http://www.debian.org/security/2011/dsa-2327
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:001
- http://www.openwall.com/lists/oss-security/2011/09/08/1
- http://www.openwall.com/lists/oss-security/2011/09/08/2
- http://www.securityfocus.com/bid/49549
Связанные уязвимости
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by ...
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации