Download
| Alert*
oval:org.secpod.oval:def:302820
A vulnerability has been found and corrected in fcgi: The FCGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers. The update ... oval:org.secpod.oval:def:1601227 The FCGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers. oval:org.secpod.oval:def:103041 FastCGI Perl bindings. oval:org.secpod.oval:def:103018 FastCGI Perl bindings. oval:org.secpod.oval:def:1300034 A vulnerability has been found and corrected in fcgi: The FCGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers . The updat ... oval:org.secpod.oval:def:600669 Ferdinand Smit discovered that libfcgi-perl, a Perl module for writing FastCGI applications, is incorrectly restoring environment variables of a prior request in subsequent requests. In some cases this may lead to authentication bypasses or worse. The oldstable distribution is not affected by this ... |