CVE-2011-2766
Publication date 23 September 2011
Last updated 24 July 2024
Ubuntu priority
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
Status
Package | Ubuntu Release | Status |
---|---|---|
libfcgi-perl | 13.04 raring |
Not affected
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric | Ignored end of life | |
11.04 natty |
Fixed 0.71-1+squeeze1build0.11.04.1
|
|
10.10 maverick |
Fixed 0.71-1+squeeze1build0.10.10.1
|
|
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy |
Not affected
|
Notes
Patch details
Package | Patch details |
---|---|
libfcgi-perl |