CVE-2013-4365

Published: 17/10/2013 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module prior to 2.3.9 for the Apache HTTP Server allows remote malicious users to have an unspecified impact via unknown vectors.

Vulnerable Product

apache mod_fcgid

debian debian linux 7.0

debian debian linux 6.0

opensuse opensuse 12.3

suse linux enterprise software development kit 11

opensuse opensuse 11.4

opensuse opensuse 12.2

suse cloud 2.0

suse cloud 1.0

Vendor Advisories

Debian Bug report logs - #725942 libapache2-mod-fcgid: CVE-2013-4365 Package: libapache2-mod-fcgid; Maintainer for libapache2-mod-fcgid is Xavier Guimard <yadd@debian.org>; Source for libapache2-mod-fcgid is src:libapache2-mod-fcgid. Reported by: Moritz Muehlenhoff <jmm@inutil.org> Date: Thu, 10 ...
Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. For the oldstabl ...
Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors ...