Companies running a popular open-source database on Apache servers run the risk of falling victim to a critical security flaw.
The flaw affects firms running Apache with a PostgreSQL database, potentially allowing remote attackers to compromise systems.
Open-source software company Red Hat warned of the flaw and issued a patch to prevent users falling victim to the vulnerability in the mod_auth_pgsql module.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
This module allows Apache users to authenticate information held in the open-source PostgreSQL database.
Security software companies including iDefense and Secunia have discovered several format string flaws in the way mod_auth_pgsql logs information. The flaws could allow unauthenticated remote attackers to execute malicious code using the same privileges held by the Apache user.
Other open-source software companies, including Ubuntu and Mandriva, have also issued patches against the problem.
Apache is the most widely used server software on the internet.