Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 441
Alerts This Week
Warning Icon 1 441

Gentoo Linux GLSA-200601-05 High: mod_auth_pgsql Code Execution Risk

gentoo
Calendar Grey January 10, 2006
Dist Gentoo Esm H88
Exploiting format string weaknesses in mod_auth_pgsql may lead to unauthorized remote code execution. It is recommended to perform upgrades for safeguarding.
Format string vulnerabilities in mod_auth_pgsql may lead to the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200601-05 https://security.gentoo.org/ Severity: High Title: mod_auth_pgsql: Multiple format string vulnerabilities Date: January 10, 2006 Bugs: #118096 ID: 200601-05

Synopsis ======= Format string vulnerabilities in mod_auth_pgsql may lead to the execution of arbitrary code.
Background ========= mod_auth_pgsql is an Apache2 module that allows user authentication against a PostgreSQL database.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-www/mod_auth_pgsql < 2.0.3 >= 2.0.3
========== The error logging functions of mod_auth_pgsql fail to validate certain strings before passing them to syslog, resulting in format strin...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround