Test ID:	1.3.6.1.4.1.25623.1.0.71589
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201207-09 (mod_fcgid)
Summary:	The remote host is missing updates announced in;advisory GLSA 201207-09.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 201207-09. Vulnerability Insight: Multiple vulnerabilities have been found in mod_fcgid, allowing execution of arbitrary code or Denial of Service. Solution: All mod_fcgid users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apache/mod_fcgid-2.3.7' CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3872 42288 http://secunia.com/advisories/42288 42302 http://secunia.com/advisories/42302 42815 http://secunia.com/advisories/42815 44900 http://www.securityfocus.com/bid/44900 69275 http://osvdb.org/69275 ADV-2010-2997 http://www.vupen.com/english/advisories/2010/2997 ADV-2010-2998 http://www.vupen.com/english/advisories/2010/2998 ADV-2011-0031 http://www.vupen.com/english/advisories/2011/0031 DSA-2140 http://www.debian.org/security/2010/dsa-2140 FEDORA-2010-17434 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050932.html FEDORA-2010-17472 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050976.html FEDORA-2010-17474 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050930.html RHBZ#2248172 https://bugzilla.redhat.com/show_bug.cgi?id=2248172 SUSE-SU-2011:0885 http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00005.html [apache] 20101107 [ANNOUNCE] mod_fcgid 2.3.6 is released http://www.gossamer-threads.com/lists/apache/announce/391406 apache-fcgid-bo(63303) https://exchange.xforce.ibmcloud.com/vulnerabilities/63303 https://access.redhat.com/security/cve/CVE-2010-3872 https://github.com/apache/httpd-mod_fcgid/commit/b1afa70840b4ab4e6fbc12ac8798b2f3ccc336b2 https://issues.apache.org/bugzilla/show_bug.cgi?id=49406 openSUSE-SU-2011:0884 http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2012-1181 52565 http://www.securityfocus.com/bid/52565 DSA-2436 http://www.debian.org/security/2012/dsa-2436 [oss-security] 20120315 CVE-request: apache's mod-fcgid does not respect configured FcgidMaxProcessesPerClass in VirtualHost http://www.openwall.com/lists/oss-security/2012/03/15/10 [oss-security] 20120315 Re: CVE-request: apache's mod-fcgid does not respect configured FcgidMaxProcessesPerClass in VirtualHost http://www.openwall.com/lists/oss-security/2012/03/16/2 apache-modfcgid-dos(74181) https://exchange.xforce.ibmcloud.com/vulnerabilities/74181 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615814 https://issues.apache.org/bugzilla/show_bug.cgi?id=49902
Copyright	Copyright (C) 2012 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.