fcgi: remote DoS (CVE-2012-6687)
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections.
References:
http://seclists.org/oss-sec/2015/q1/453
https://bugzilla.redhat.com/show\_bug.cgi?id=1189958
https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681591
(from redmine: issue id 3971, created on 2015-03-09, closed on 2015-03-16)
- Relations:
- child #3972 (closed)
- child #3973 (closed)
- child #3974 (closed)
- child #3975 (closed)
- Changesets:
- Revision f5ea0fe9 by Natanael Copa on 2015-03-11T11:05:18Z:
main/fcgi: security fix for CVE-2012-6687
ref #3971
- Revision c4fb066a by Natanael Copa on 2015-03-11T11:06:04Z:
main/fcgi: security fix for CVE-2012-6687
ref #3971
fixes #3975
- Revision 6e6f21e2 by Natanael Copa on 2015-03-11T11:06:35Z:
main/fcgi: security fix for CVE-2012-6687
ref #3971
fixes #3974
- Revision fb9cec8c by Natanael Copa on 2015-03-11T11:07:11Z:
main/fcgi: security fix for CVE-2012-6687
ref #3971
fixes #3973
- Revision 90b4fe01 by Natanael Copa on 2015-03-11T11:08:20Z:
main/fcgi: security fix for CVE-2012-6687
ref #3971
fixes #3972