CVE-2011-2766

EPSS 0.26%

libfcgi-perl - authentication bypass

Published: 9/23/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2011-2766

Description

The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.

Affected packages (2)

Debian/libfcgi-perlfrom 0, < 0.73-2
Debian/libfcgi-perlfrom 0, < 0.71-1+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2766