TechTarget

Apache database open to remote attack

Companies running a popular open-source database on Apache servers run the risk of falling victim to a critical security flaw.

Companies running a popular open-source database on Apache servers run the risk of falling victim to a critical security flaw.

The flaw affects firms running Apache with a PostgreSQL database, potentially allowing remote attackers to compromise systems.

Open-source software company Red Hat warned of the flaw and issued a patch to prevent users falling victim to the vulnerability in the mod_auth_pgsql module.

This module allows Apache users to authenticate information held in the open-source PostgreSQL database.

Security software companies including iDefense and Secunia have discovered several format string flaws in the way mod_auth_pgsql logs information. The flaws could allow unauthenticated remote attackers to execute malicious code using the same privileges held by the Apache user.

Other open-source software companies, including Ubuntu and Mandriva, have also issued patches against the problem.

Apache is the most widely used server software on the internet.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close