CVE-2012-1181

EPSS 9.7%

libapache2-mod-fcgid - inactive resource limits

發布日:2012/3/19修改日:2026/4/28

描述

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.

受影響套件(2)

Debian/libapache2-mod-fcgidfrom 0, < 1:2.3.6-1.1
Debian/libapache2-mod-fcgidfrom 0, < 1:2.3.6-1+squeeze1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-1181