Apache Web Server Vulnerable to DoS and Arbitrary Code Execution
Apache Web Server is vulnerable to Denial of Service (DoS) attacks and execution of arbitrary code.
January 8, 2006
Apache Web Server is vulnerable to Denial of Service (DoS) attacks and execution of arbitrary code. The module that provides SSL support (mod_ssl) doesn't properly handle certain non-SSL traffic that is sent to an SSL-enabled virtual host, which can lead to a denial of serviceDoS attack. Multiple critical vulnerabilities exist in the module used for connectivity to PostgreSQL database servers (mod_auth_pgsql). The vulnerabilities could allow remote intruders to execute arbitrary commands. Apache Software Foundation corrected the SSL problem in the source code tree. A bug report can be found at the first URL below. PostgreSQL module developer Giuseppe Tanzilli released module version 2.0.3, which corrects the arbitrary code execution problems.
About the Author
You May Also Like