MGASA-2016-0089

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0089.html

Import Source

https://advisories.mageia.org/MGASA-2016-0089.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2016-0089

Related

CVE-2012-6687

Published

2016-03-02T18:28:46Z

Modified

2016-03-02T18:20:03Z

Summary

Updated perl-FCGI packages fix CVE-2012-6687

Details

Updated fcgi packages fix security vulnerability:

FCGI does not perform range checks for file descriptors before use of the FDSET macro. This FDSET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening many socket connections to the host and crashing the service (CVE-2012-6687).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / perl-FCGI

Package

Name: perl-FCGI
Purl: pkg:rpm/mageia/perl-FCGI?arch=source&distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.770.0-4.1.mga5

Ecosystem specific

{
    "section": "core"
}