Vulnerability Details : CVE-2012-6687
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections.
Vulnerability category: Memory CorruptionInput validationDenial of service
Products affected by CVE-2012-6687
- cpe:2.3:a:fastcgi:fcgi:2.4.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-6687
2.38%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 90 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-6687
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2012-6687
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-6687
-
http://www.openwall.com/lists/oss-security/2015/02/06/4
oss-security - CVE request for denial-of-service vulnerability in fcgi
-
https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417
Bug #933417 “Stack smashing while using a lot of connections” : Bugs : libfcgi package : Ubuntu
-
http://www.openwall.com/lists/oss-security/2015/02/07/4
oss-security - Re: CVE request for denial-of-service vulnerability in fcgi
-
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681591
#681591 - libfcgi: CVE-2012-6687: Stack smashing while using a lot of connections - Debian Bug report logs
-
http://advisories.mageia.org/MGASA-2015-0184.html
Mageia Advisory: MGASA-2015-0184 - Updated fcgi packages fix CVE-2012-6687
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/100696
libfcgi connections denial of service CVE-2012-6687 Vulnerability Report
-
https://bugzilla.redhat.com/show_bug.cgi?id=1189958
1189958 – Stack smashing while using a lot of connections
Jump to