Bug 2248172 (CVE-2010-3872) - CVE-2010-3872 httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_bucket_read() in modules/fcgid/fcgid_bucket.c
Summary: CVE-2010-3872 httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_b...
Keywords:
Status: NEW
Alias: CVE-2010-3872
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2244856
Reported: 2023-11-06 17:32 UTC by Guilherme de Almeida Suckevicz
Modified: 2023-11-13 19:02 UTC

Fixed In Version: mod_fcgid 2.3.6
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Guilherme de Almeida Suckevicz 2023-11-06 17:32:46 UTC
The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."

Reference:
https://bz.apache.org/bugzilla/show_bug.cgi?id=49406

Upstream patch:
https://github.com/apache/httpd-mod_fcgid/commit/b1afa70840b4ab4e6fbc12ac8798b2f3ccc336b2
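
Added example (not part of the original report and not mod_fcgid's code): the bug class named in the description, shown in C. Adding an integer to a struct pointer advances by whole structs, so a header reassembled from partial reads needs a byte pointer for its destination. The type and function names and the 3+5 byte split are constructed for illustration; the 8-byte header layout is from the FastCGI specification.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* 8-byte FastCGI record header (layout from the FastCGI specification). */
typedef struct {
    unsigned char version, type;
    unsigned char request_id_b1, request_id_b0;
    unsigned char content_length_b1, content_length_b0;
    unsigned char padding_length, reserved;
} fcgi_header_t;   /* hypothetical name, not mod_fcgid's type */

/* Byte offset addressed by `hdr + hasread` when hdr is a struct pointer: the
 * compiler scales by sizeof(*hdr). The array keeps this in bounds for hasread <= 8. */
size_t typed_offset(size_t hasread)
{
    static fcgi_header_t arena[9];
    return (size_t)((unsigned char *)(arena + hasread) - (unsigned char *)arena);
}

/* Bytes written past one header if the destination used struct-pointer arithmetic. */
size_t typed_overrun(size_t hasread, size_t put)
{
    size_t end = typed_offset(hasread) + put;
    return end > sizeof(fcgi_header_t) ? end - sizeof(fcgi_header_t) : 0;
}

/* Byte-wise reassembly: append up to `len` bytes of a partially received
 * header, never writing past sizeof(*hdr). Returns bytes consumed. */
size_t feed_header(fcgi_header_t *hdr, size_t *hasread, const unsigned char *buf, size_t len)
{
    if (*hasread >= sizeof(*hdr)) return 0;   /* header already complete */
    size_t want = sizeof(*hdr) - *hasread;
    size_t put = len < want ? len : want;
    memcpy((unsigned char *)hdr + *hasread, buf, put);
    *hasread += put;
    return put;
}

int main(void)
{
    const unsigned char rec[8] = {1, 6, 0, 1, 0, 16, 0, 0};  /* constructed sample */
    fcgi_header_t h = {0}; size_t got = 0;
    feed_header(&h, &got, rec, 3);            /* first partial read: 3 bytes */
    printf("typed form would overrun by %zu bytes\n", typed_overrun(got, 5));
    feed_header(&h, &got, rec + 3, 5);        /* remaining 5 bytes */
    printf("byte-wise: %zu bytes read, type=%u\n", got, h.type);
    return 0;
}
```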

