Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Fedora Local Security Checks --> Category: infos

Fedora Core 3 2006-014: mod_auth_pgsql Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the mod_auth_pgsql package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory FEDORA-2006-014 (mod_auth_pgsql).

mod_auth_pgsql can be used to limit access to documents served by a web server
by checking fields in a table in a PostgresQL database.

Update Information:

Several format string flaws were found in the way
mod_auth_pgsql logs information. It may be possible for a
remote attacker to execute arbitrary code as the 'apache'
user if mod_auth_pgsql is used for user authentication. The
Common Vulnerabilities and Exposures project assigned the
name CVE-2005-3656 to this issue.

Please note that this issue only affects servers which have
mod_auth_pgsql installed and configured to perform user
authentication against a PostgreSQL database.

Red Hat would like to thank iDefense for reporting this issue.

Solution : Get the newest Fedora Updates
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.