Debian Linux Security Advisory 3405-1 - Tero Marttila discovered that the Debian packaging for smokeping installed it in such a way that the CGI implementation of Apache httpd (mod_cgi) passed additional arguments to the smokeping_cgi program, potentially leading to arbitrary code execution in response to crafted HTTP requests.
093436dd8877007cc38f10a273809c83511466a1c55d6c0914d14c87e2b9cf4c