CVE-2013-4365

Publication date 17 October 2013

Last updated 24 July 2024

Ubuntu priority

Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libapache2-mod-fcgid	13.10 saucy	Fixed 1:2.3.9-1
	13.04 raring	Fixed 1:2.3.7-0ubuntu2.13.04.1
	12.10 quantal	Fixed 1:2.3.7-0ubuntu2.12.10.1
	12.04 LTS precise	Fixed 1:2.3.6-1.1ubuntu0.1
	10.04 LTS lucid	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

http://www.mail-archive.com/[email protected]/msg58077.html
https://www.cve.org/CVERecord?id=CVE-2013-4365