The FCGI (aka Fast CGI) module 0.70 up to and including 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote malicious users to bypass authentication via crafted HTTP headers.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fast cgi project fast cgi |
||
debian debian linux 5.0 |
||
debian debian linux 6.0 |
||
debian debian linux 7.0 |