mod_auth_pgsql: Multiple format string vulnerabilities — GLSA 200601-05

Format string vulnerabilities in mod_auth_pgsql may lead to the execution of arbitrary code.

Affected packages

www-apache/mod_auth_pgsql on all architectures
Affected versions < 2.0.3
Unaffected versions >= 2.0.3
< 1.0.0

Background

mod_auth_pgsql is an Apache2 module that allows user authentication against a PostgreSQL database.

Description

The error logging functions of mod_auth_pgsql fail to validate certain strings before passing them to syslog, resulting in format string vulnerabilities.

Impact

An unauthenticated remote attacker could exploit these vulnerabilities to execute arbitrary code with the rights of the user running the Apache2 server by sending specially crafted login names.

Workaround

There is no known workaround at this time.

Resolution

All mod_auth_pgsql users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-apache/mod_auth_pgsql-2.0.3"

References

Release date
January 10, 2006

Latest revision
December 30, 2007: 03

Severity
high

Exploitable
remote

Bugzilla entries