Apache database open to remote attack

Companies running a popular open-source database on Apache servers run the risk of falling victim to a critical security flaw.

Companies running a popular open-source database on Apache servers run the risk of falling victim to a critical security flaw.

The flaw affects firms running Apache with a PostgreSQL database, potentially allowing remote attackers to compromise systems.

Open-source software company Red Hat warned of the flaw and issued a patch to prevent users falling victim to the vulnerability in the mod_auth_pgsql module.

This module allows Apache users to authenticate information held in the open-source PostgreSQL database.

Security software companies including iDefense and Secunia have discovered several format string flaws in the way mod_auth_pgsql logs information. The flaws could allow unauthenticated remote attackers to execute malicious code using the same privileges held by the Apache user.

Other open-source software companies, including Ubuntu and Mandriva, have also issued patches against the problem.

Apache is the most widely used server software on the internet.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Business applications

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close