
Apache 'mod_fcgid' Module Heap Buffer Overflow Vulnerability



The remote host is running the Apache server with a vulnerable version of the 'mod_fcgid' module.


Versions of the Apache 'mod_fcgid' module earlier than 2.3.9 are affected by a heap overflow caused by insufficient boundary validation of user input in the 'fcgid_header_bucket_read()' function in the modules/fcgid/fcgid_bucket.c source file. An attacker may leverage this to execute arbitrary code in the context of the server application, or to cause a denial of service.


Upgrade the 'mod_fcgid' module to version 2.3.9 or later.
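
To triage hosts against the 2.3.9 threshold stated above, the following added example (not part of the original advisory or of any scanner's code) classifies HTTP Server banners by the mod_fcgid version they advertise. It assumes the server exposes a `mod_fcgid/<version>` product token in its Server header; the function names and the sample banners are constructed for illustration.

```python
import re

FIXED = (2, 3, 9)  # first fixed release, per the advisory text above

# Assumed banner format: a product token such as "mod_fcgid/2.3.7"
_TOKEN = re.compile(r"\bmod_fcgid/(\d+(?:\.\d+)*)", re.IGNORECASE)


def fcgid_version(server_header):
    """Return the advertised mod_fcgid version as a tuple of ints, or None."""
    m = _TOKEN.search(server_header or "")
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    # Pad short versions so "2.3" compares as 2.3.0
    return parts + (0,) * (len(FIXED) - len(parts))


def classify(server_header):
    """Return 'vulnerable', 'fixed', or 'unknown' (no token in the banner)."""
    v = fcgid_version(server_header)
    if v is None:
        return "unknown"
    # Tuple comparison is numeric, so 2.3.10 sorts after 2.3.9;
    # a plain string comparison would get that case wrong.
    return "vulnerable" if v < FIXED else "fixed"


# Constructed sample banners, not captured from real hosts.
SAMPLES = [
    "Apache/2.2.22 (Unix) mod_fcgid/2.3.7",
    "Apache/2.4.6 (Unix) OpenSSL/1.0.1e mod_fcgid/2.3.9",
    "Apache/2.2.15 mod_fcgid/2.3.10 PHP/5.3.3",
    "Apache",  # banner with no module tokens
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(f"{classify(banner):10s} {banner}")
```

A banner match is only a hint: 'unknown' does not show the module is absent, and distribution packages may carry backported fixes under an older version string, so confirm against the installed package.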