CVE-2007-4727

by Fred · 12/09/2007

Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a "header overflow."

Date published : 2007-09-12

http://www.securityfocus.com/bid/25622

http://www.securityfocus.com/archive/1/479763/100/0/threaded

CVE-2007-4727

Similar

Recent Posts

Categories

CVE-2007-4727

Share this:

Similar

Recent Posts

Categories

Tags