CVE-2011-2766

描述

The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.

受影響套件(2)

• Debian/libfcgi-perlfrom 0, < 0.73-2
• Debian/libfcgi-perlfrom 0, < 0.71-1+squeeze1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2766