[v3.0] fcgi: remote DoS (CVE-2012-6687)
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections.
References:
http://seclists.org/oss-sec/2015/q1/453
https://bugzilla.redhat.com/show\_bug.cgi?id=1189958
https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681591
(from redmine: issue id 3974, created on 2015-03-09, closed on 2015-03-16)
- Relations:
- parent #3971 (closed)
- Changesets:
- Revision 6e6f21e2 by Natanael Copa on 2015-03-11T11:06:35Z:
main/fcgi: security fix for CVE-2012-6687
ref #3971
fixes #3974