CVE-2012-1181

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:http_server:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:mod_fcgid:2.3.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-03-19 21:55

Updated : 2024-02-04 17:54


NVD link : CVE-2012-1181

Mitre link : CVE-2012-1181

CVE.ORG link : CVE-2012-1181


JSON object : View

Products Affected

apache

  • mod_fcgid
  • http_server
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer