|
|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:009: apache2-mod_auth_pgsql Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the apache2-mod_auth_pgsql package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:009 (apache2-mod_auth_pgsql).
iDefense discovered several format string vulnerabilities in the way that
mod_auth_pgsql logs information which could potentially be used by a remote
attacker to execute arbitrary code as the apache user if mod_auth_pgsql is used
for user authentication. The provided packages have been patched to prevent
this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:009
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
