Apache Web Server is vulnerable to Denial of Service (DoS) attacks and execution of arbitrary code. The module that provides SSL support (mod_ssl) doesn't properly handle certain non-SSL traffic that is sent to an SSL-enabled virtual host, which can lead to a denial of serviceDoS attack. Multiple critical vulnerabilities exist in the module used for connectivity to PostgreSQL database servers (mod_auth_pgsql). The vulnerabilities could allow remote intruders to execute arbitrary commands. Apache Software Foundation corrected the SSL problem in the source code tree. A bug report can be found at the first URL below. PostgreSQL module developer Giuseppe Tanzilli released module version 2.0.3, which corrects the arbitrary code execution problems.
