Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache < 2.0.3 mod_auth_pgsql Module Server Log Format String

Critical

Synopsis

The remote host is vulnerable to a remote 'format string' flaw.

Description

The remote host is running the Apache mod_auth_pgsql module, a module for authenticating remote users against a PostgreSQL database. This version of mod_auth_pgsql is vulnerable to multiple format string flaws. An attacker exploiting these flaws would be able to execute arbitrary code on the remote web server.

Solution

Upgrade to version 2.0.3 or higher.