Search...

Gentoo Security Advisory GLSA 200601-05 (mod_auth_pgsql)

2008-09-24T00:00:00

ID OPENVAS:56119
Type openvas
Reporter Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com
Modified 2017-07-07T00:00:00

Description

The remote host is missing updates announced in advisory GLSA 200601-05.

                                        
                                            # OpenVAS Vulnerability Test
# $
# Description: Auto generated from Gentoo's XML based advisory
#
# Authors:
# Thomas Reinke &lt;reinke@securityspace.com&gt;
#
# Copyright:
# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "Format string vulnerabilities in mod_auth_pgsql may lead to the execution
of arbitrary code.";
tag_solution = "All mod_auth_pgsql users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose '&gt;=net-www/mod_auth_pgsql-2.0.3'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200601-05
http://bugs.gentoo.org/show_bug.cgi?id=118096
http://www.frsirt.com/english/advisories/2006/0070";
tag_summary = "The remote host is missing updates announced in
advisory GLSA 200601-05.";

                                                                                

if(description)
{
 script_id(56119);
 script_version("$Revision: 6596 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $");
 script_tag(name:"creation_date", value:"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)");
 script_bugtraq_id(16153);
 script_cve_id("CVE-2005-3656");
 script_tag(name:"cvss_base", value:"10.0");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_name("Gentoo Security Advisory GLSA 200601-05 (mod_auth_pgsql)");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com");
 script_family("Gentoo Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-gentoo.inc");

res = "";
report = "";
if ((res = ispkgvuln(pkg:"net-www/mod_auth_pgsql", unaffected: make_list("ge 2.0.3"), vulnerable: make_list("lt 2.0.3"))) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:56119", "type": "openvas", "bulletinFamily": "scanner", "title": "Gentoo Security Advisory GLSA 200601-05 (mod_auth_pgsql)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200601-05.", "published": "2008-09-24T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56119", "reporter": "Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2005-3656"], "lastseen": "2017-07-24T12:50:02", "viewCount": 0, "enchantments": {"score": {"value": 7.9, "vector": "NONE", "modified": "2017-07-24T12:50:02", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3656"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:10941", "SECURITYVULNS:DOC:10934"]}, {"type": "nessus", "idList": ["MANDRAKE_MDKSA-2006-009.NASL", "FEDORA_2006-015.NASL", "REDHAT-RHSA-2006-0164.NASL", "CENTOS_RHSA-2006-0164.NASL", "DEBIAN_DSA-935.NASL", "FEDORA_2006-014.NASL", "GENTOO_GLSA-200601-05.NASL", "UBUNTU_USN-239-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-239-1"]}, {"type": "openvas", "idList": ["OPENVAS:56115"]}, {"type": "osvdb", "idList": ["OSVDB:22259"]}, {"type": "debian", "idList": ["DEBIAN:DSA-935-1:08209"]}, {"type": "gentoo", "idList": ["GLSA-200601-05"]}, {"type": "redhat", "idList": ["RHSA-2006:0164"]}, {"type": "centos", "idList": ["CESA-2006:0164"]}], "modified": "2017-07-24T12:50:02", "rev": 2}, "vulnersScore": 7.9}, "pluginID": "56119", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Format string vulnerabilities in mod_auth_pgsql may lead to the execution\nof arbitrary code.\";\ntag_solution = \"All mod_auth_pgsql users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-www/mod_auth_pgsql-2.0.3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200601-05\nhttp://bugs.gentoo.org/show_bug.cgi?id=118096\nhttp://www.frsirt.com/english/advisories/2006/0070\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200601-05.\";\n\n \n\nif(description)\n{\n script_id(56119);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(16153);\n script_cve_id(\"CVE-2005-3656\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200601-05 (mod_auth_pgsql)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-www/mod_auth_pgsql\", unaffected: make_list(\"ge 2.0.3\"), vulnerable: make_list(\"lt 2.0.3\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Gentoo Local Security Checks"}

{"cve": [{"lastseen": "2021-02-02T05:24:39", "description": "Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username.\nThis vulnerability affects mod_auth_pgsql for Apache2, most likely in all Linux and UNIX environments. This vulnerability affects all versions of mod_auth_pgsql before 2.0.3", "edition": 6, "cvss3": {}, "published": "2005-12-31T05:00:00", "title": "CVE-2005-3656", "type": "cve", "cwe": ["CWE-134"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-3656"], "modified": "2018-10-03T21:33:00", "cpe": ["cpe:/a:guiseppe_tanzilli_and_matthias_eckermann:mod_auth_pgsql:0.9.6", "cpe:/a:guiseppe_tanzilli_and_matthias_eckermann:mod_auth_pgsql:2.0.3", "cpe:/a:guiseppe_tanzilli_and_matthias_eckermann:mod_auth_pgsql:0.9.5"], "id": "CVE-2005-3656", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3656", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:guiseppe_tanzilli_and_matthias_eckermann:mod_auth_pgsql:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:guiseppe_tanzilli_and_matthias_eckermann:mod_auth_pgsql:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:guiseppe_tanzilli_and_matthias_eckermann:mod_auth_pgsql:0.9.6:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-09T17:35:12", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3656"], "description": "Several format string vulnerabilities were discovered in the error \nlogging handling. By sending specially crafted user names, an \nunauthenticated remote attacker could exploit this to crash the Apache \nserver or possibly even execute arbitrary code with the privileges of \nApache (user 'www-data').", "edition": 5, "modified": "2006-01-09T00:00:00", "published": "2006-01-09T00:00:00", "id": "USN-239-1", "href": "https://ubuntu.com/security/notices/USN-239-1", "title": "libapache2-mod-auth-pgsql vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:01", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3656"], "description": "### Background\n\nmod_auth_pgsql is an Apache2 module that allows user authentication against a PostgreSQL database. \n\n### Description\n\nThe error logging functions of mod_auth_pgsql fail to validate certain strings before passing them to syslog, resulting in format string vulnerabilities. \n\n### Impact\n\nAn unauthenticated remote attacker could exploit these vulnerabilities to execute arbitrary code with the rights of the user running the Apache2 server by sending specially crafted login names. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll mod_auth_pgsql users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apache/mod_auth_pgsql-2.0.3\"", "edition": 1, "modified": "2007-12-30T00:00:00", "published": "2006-01-10T00:00:00", "id": "GLSA-200601-05", "href": "https://security.gentoo.org/glsa/200601-05", "type": "gentoo", "title": "mod_auth_pgsql: Multiple format string vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:19", "bulletinFamily": "software", "cvelist": ["CVE-2005-3656"], "edition": 1, "description": "## Solution Description\nUpgrade to version 2.0.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://www.giuseppetanzilli.it/mod_auth_pgsql2/\nVendor URL: http://www.giuseppetanzilli.it/mod_auth_pgsql/\nVendor Specific News/Changelog Entry: http://www.giuseppetanzilli.it/mod_auth_pgsql2/#Changelog\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-935)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200601-05.xml)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U.asc)\nSecurity Tracker: 1015446\n[Secunia Advisory ID:18348](https://secuniaresearch.flexerasoftware.com/advisories/18348/)\n[Secunia Advisory ID:18397](https://secuniaresearch.flexerasoftware.com/advisories/18397/)\n[Secunia Advisory ID:18321](https://secuniaresearch.flexerasoftware.com/advisories/18321/)\n[Secunia Advisory ID:18403](https://secuniaresearch.flexerasoftware.com/advisories/18403/)\n[Secunia Advisory ID:18304](https://secuniaresearch.flexerasoftware.com/advisories/18304/)\n[Secunia Advisory ID:18350](https://secuniaresearch.flexerasoftware.com/advisories/18350/)\n[Secunia Advisory ID:18517](https://secuniaresearch.flexerasoftware.com/advisories/18517/)\n[Secunia Advisory ID:18347](https://secuniaresearch.flexerasoftware.com/advisories/18347/)\nRedHat RHSA: RHSA-2006:0164\nOther Advisory URL: http://www.ubuntulinux.org/usn/usn-239-1\nOther Advisory URL: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:009\nOther Advisory URL: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=367\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0295.html\nFrSIRT Advisory: ADV-2006-0070\n[CVE-2005-3656](https://vulners.com/cve/CVE-2005-3656)\n", "modified": "2006-01-05T10:18:26", "published": "2006-01-05T10:18:26", "href": "https://vulners.com/osvdb/OSVDB:22259", "id": "OSVDB:22259", "type": "osvdb", "title": "mod_auth_pgsql for Apache HTTP Server Log Function Format String", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "description": "The remote host is missing an update to libapache2-mod-auth-pgsql\nannounced via advisory DSA 935-1.\n\niDEFENSE reports that a format string vulnerability in mod_auth_pgsql, a\nlibrary used to authenticate web users against a PostgreSQL database,\ncould be used to execute arbitrary code with the privileges of the httpd\nuser.\n\nThe old stable distribution (woody) does not contain\nlibapache2-mod-auth-pgsql.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:56115", "href": "http://plugins.openvas.org/nasl.php?oid=56115", "type": "openvas", "title": "Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_935_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 935-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 2.0.2b1-5sarge0.\n\nFor the unstable distribution (sid) this problem will be fixed shortly.\n\nWe recommend that you upgrade your libapache2-mod-auth-pgsql package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20935-1\";\ntag_summary = \"The remote host is missing an update to libapache2-mod-auth-pgsql\nannounced via advisory DSA 935-1.\n\niDEFENSE reports that a format string vulnerability in mod_auth_pgsql, a\nlibrary used to authenticate web users against a PostgreSQL database,\ncould be used to execute arbitrary code with the privileges of the httpd\nuser.\n\nThe old stable distribution (woody) does not contain\nlibapache2-mod-auth-pgsql.\";\n\n\nif(description)\n{\n script_id(56115);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(16153);\n script_cve_id(\"CVE-2005-3656\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-auth-pgsql\", ver:\"2.0.2b1-5sarge0\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:24:42", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3656"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0164\n\n\nThe mod_auth_pgsql package is an httpd module that allows user\r\nauthentication against information stored in a PostgreSQL database.\r\n\r\nSeveral format string flaws were found in the way mod_auth_pgsql logs\r\ninformation. It may be possible for a remote attacker to execute arbitrary\r\ncode as the 'apache' user if mod_auth_pgsql is used for user\r\nauthentication. The Common Vulnerabilities and Exposures project assigned\r\nthe name CVE-2005-3656 to this issue.\r\n\r\nPlease note that this issue only affects servers which have mod_auth_pgsql\r\ninstalled and configured to perform user authentication against a\r\nPostgreSQL database.\r\n\r\nAll users of mod_auth_pgsql should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.\r\n\r\nThis issue does not affect the mod_auth_pgsql package supplied with Red Hat\r\nEnterprise Linux 2.1.\r\n\r\nRed Hat would like to thank iDefense for reporting this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024584.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024585.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024586.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024587.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024588.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024589.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024590.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024591.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024592.html\n\n**Affected packages:**\nmod_auth_pgsql\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0164.html", "edition": 4, "modified": "2006-01-06T13:25:25", "published": "2006-01-06T08:44:52", "href": "http://lists.centos.org/pipermail/centos-announce/2006-January/024584.html", "id": "CESA-2006:0164", "title": "mod_auth_pgsql security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:06", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3656"], "description": "The mod_auth_pgsql package is an httpd module that allows user\r\nauthentication against information stored in a PostgreSQL database.\r\n\r\nSeveral format string flaws were found in the way mod_auth_pgsql logs\r\ninformation. It may be possible for a remote attacker to execute arbitrary\r\ncode as the 'apache' user if mod_auth_pgsql is used for user\r\nauthentication. The Common Vulnerabilities and Exposures project assigned\r\nthe name CVE-2005-3656 to this issue.\r\n\r\nPlease note that this issue only affects servers which have mod_auth_pgsql\r\ninstalled and configured to perform user authentication against a\r\nPostgreSQL database.\r\n\r\nAll users of mod_auth_pgsql should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.\r\n\r\nThis issue does not affect the mod_auth_pgsql package supplied with Red Hat\r\nEnterprise Linux 2.1.\r\n\r\nRed Hat would like to thank iDefense for reporting this issue.", "modified": "2017-09-08T11:53:37", "published": "2006-01-05T05:00:00", "id": "RHSA-2006:0164", "href": "https://access.redhat.com/errata/RHSA-2006:0164", "type": "redhat", "title": "(RHSA-2006:0164) mod_auth_pgsql security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-07T11:51:31", "description": "iDefense discovered several format string vulnerabilities in the way\nthat mod_auth_pgsql logs information which could potentially be used\nby a remote attacker to execute arbitrary code as the apache user if\nmod_auth_pgsql is used for user authentication.\n\nThe provided packages have been patched to prevent this problem.", "edition": 24, "published": "2006-01-15T00:00:00", "title": "Mandrake Linux Security Advisory : apache2-mod_auth_pgsql (MDKSA-2006:009)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "modified": "2006-01-15T00:00:00", "cpe": ["cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:apache2-mod_auth_pgsql", "cpe:/o:mandriva:linux:2006", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:apache-mod_auth_pgsql"], "id": "MANDRAKE_MDKSA-2006-009.NASL", "href": "https://www.tenable.com/plugins/nessus/20475", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:009. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20475);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-3656\");\n script_xref(name:\"MDKSA\", value:\"2006:009\");\n\n script_name(english:\"Mandrake Linux Security Advisory : apache2-mod_auth_pgsql (MDKSA-2006:009)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"iDefense discovered several format string vulnerabilities in the way\nthat mod_auth_pgsql logs information which could potentially be used\nby a remote attacker to execute arbitrary code as the apache user if\nmod_auth_pgsql is used for user authentication.\n\nThe provided packages have been patched to prevent this problem.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected apache-mod_auth_pgsql and / or\napache2-mod_auth_pgsql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_auth_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_auth_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_auth_pgsql-2.0.50_2.0.2b1-3.1.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_auth_pgsql-2.0.53_2.0.2b1-6.1.102mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_auth_pgsql-2.0.54_2.0.2b1-3.1.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:52:00", "description": "The remote host is affected by the vulnerability described in GLSA-200601-05\n(mod_auth_pgsql: Multiple format string vulnerabilities)\n\n The error logging functions of mod_auth_pgsql fail to validate certain\n strings before passing them to syslog, resulting in format string\n vulnerabilities.\n \nImpact :\n\n An unauthenticated remote attacker could exploit these vulnerabilities\n to execute arbitrary code with the rights of the user running the\n Apache2 server by sending specially crafted login names.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2006-01-15T00:00:00", "title": "GLSA-200601-05 : mod_auth_pgsql: Multiple format string vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "modified": "2006-01-15T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:mod_auth_pgsql"], "id": "GENTOO_GLSA-200601-05.NASL", "href": "https://www.tenable.com/plugins/nessus/20415", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200601-05.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20415);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-3656\");\n script_xref(name:\"GLSA\", value:\"200601-05\");\n\n script_name(english:\"GLSA-200601-05 : mod_auth_pgsql: Multiple format string vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200601-05\n(mod_auth_pgsql: Multiple format string vulnerabilities)\n\n The error logging functions of mod_auth_pgsql fail to validate certain\n strings before passing them to syslog, resulting in format string\n vulnerabilities.\n \nImpact :\n\n An unauthenticated remote attacker could exploit these vulnerabilities\n to execute arbitrary code with the rights of the user running the\n Apache2 server by sending specially crafted login names.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://www.frsirt.com/english/advisories/2006/0070\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.frsirt.com\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200601-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All mod_auth_pgsql users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apache/mod_auth_pgsql-2.0.3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mod_auth_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-apache/mod_auth_pgsql\", unaffected:make_list(\"ge 2.0.3\", \"lt 1.0.0\"), vulnerable:make_list(\"lt 2.0.3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_pgsql\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:54", "description": "Several format string flaws were found in the way mod_auth_pgsql logs\ninformation. It may be possible for a remote attacker to execute\narbitrary code as the 'apache' user if mod_auth_pgsql is used for user\nauthentication. The Common Vulnerabilities and Exposures project\nassigned the name CVE-2005-3656 to this issue.\n\nPlease note that this issue only affects servers which have\nmod_auth_pgsql installed and configured to perform user authentication\nagainst a PostgreSQL database.\n\nRed Hat would like to thank iDefense for reporting this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2006-01-15T00:00:00", "title": "Fedora Core 4 : mod_auth_pgsql-2.0.1-8.1 (2006-015)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "modified": "2006-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql", "cpe:/o:fedoraproject:fedora_core:4", "p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql-debuginfo"], "id": "FEDORA_2006-015.NASL", "href": "https://www.tenable.com/plugins/nessus/20405", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-015.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20405);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-3656\");\n script_xref(name:\"FEDORA\", value:\"2006-015\");\n\n script_name(english:\"Fedora Core 4 : mod_auth_pgsql-2.0.1-8.1 (2006-015)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several format string flaws were found in the way mod_auth_pgsql logs\ninformation. It may be possible for a remote attacker to execute\narbitrary code as the 'apache' user if mod_auth_pgsql is used for user\nauthentication. The Common Vulnerabilities and Exposures project\nassigned the name CVE-2005-3656 to this issue.\n\nPlease note that this issue only affects servers which have\nmod_auth_pgsql installed and configured to perform user authentication\nagainst a PostgreSQL database.\n\nRed Hat would like to thank iDefense for reporting this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2006-January/001721.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c2586cd7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected mod_auth_pgsql and / or mod_auth_pgsql-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 4.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC4\", reference:\"mod_auth_pgsql-2.0.1-8.1\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"mod_auth_pgsql-debuginfo-2.0.1-8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_pgsql / mod_auth_pgsql-debuginfo\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T10:03:44", "description": "iDEFENSE reports that a format string vulnerability in mod_auth_pgsql,\na library used to authenticate web users against a PostgreSQL\ndatabase, could be used to execute arbitrary code with the privileges\nof the httpd user.", "edition": 25, "published": "2006-10-14T00:00:00", "title": "Debian DSA-935-1 : libapache2-mod-auth-pgsql - format string vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "modified": "2006-10-14T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libapache2-mod-auth-pgsql", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-935.NASL", "href": "https://www.tenable.com/plugins/nessus/22801", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-935. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22801);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-3656\");\n script_bugtraq_id(16153);\n script_xref(name:\"DSA\", value:\"935\");\n\n script_name(english:\"Debian DSA-935-1 : libapache2-mod-auth-pgsql - format string vulnerability\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"iDEFENSE reports that a format string vulnerability in mod_auth_pgsql,\na library used to authenticate web users against a PostgreSQL\ndatabase, could be used to execute arbitrary code with the privileges\nof the httpd user.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-935\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libapache2-mod-auth-pgsql package.\n\nThe old stable distribution (woody) does not contain\nlibapache2-mod-auth-pgsql.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 2.0.2b1-5sarge0.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-auth-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"libapache2-mod-auth-pgsql\", reference:\"2.0.2b1-5sarge0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:54", "description": "Several format string flaws were found in the way mod_auth_pgsql logs\ninformation. It may be possible for a remote attacker to execute\narbitrary code as the 'apache' user if mod_auth_pgsql is used for user\nauthentication. The Common Vulnerabilities and Exposures project\nassigned the name CVE-2005-3656 to this issue.\n\nPlease note that this issue only affects servers which have\nmod_auth_pgsql installed and configured to perform user authentication\nagainst a PostgreSQL database.\n\nRed Hat would like to thank iDefense for reporting this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2006-01-15T00:00:00", "title": "Fedora Core 3 : mod_auth_pgsql-2.0.1-6.2 (2006-014)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "modified": "2006-01-15T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:3", "p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql", "p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql-debuginfo"], "id": "FEDORA_2006-014.NASL", "href": "https://www.tenable.com/plugins/nessus/20404", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-014.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20404);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-3656\");\n script_xref(name:\"FEDORA\", value:\"2006-014\");\n\n script_name(english:\"Fedora Core 3 : mod_auth_pgsql-2.0.1-6.2 (2006-014)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several format string flaws were found in the way mod_auth_pgsql logs\ninformation. It may be possible for a remote attacker to execute\narbitrary code as the 'apache' user if mod_auth_pgsql is used for user\nauthentication. The Common Vulnerabilities and Exposures project\nassigned the name CVE-2005-3656 to this issue.\n\nPlease note that this issue only affects servers which have\nmod_auth_pgsql installed and configured to perform user authentication\nagainst a PostgreSQL database.\n\nRed Hat would like to thank iDefense for reporting this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2006-January/001720.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9a06230c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected mod_auth_pgsql and / or mod_auth_pgsql-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 3.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"mod_auth_pgsql-2.0.1-6.2\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"mod_auth_pgsql-debuginfo-2.0.1-6.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_pgsql / mod_auth_pgsql-debuginfo\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:34", "description": "Updated mod_auth_pgsql packages that fix format string security issues\nare now available for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe mod_auth_pgsql package is an httpd module that allows user\nauthentication against information stored in a PostgreSQL database.\n\nSeveral format string flaws were found in the way mod_auth_pgsql logs\ninformation. It may be possible for a remote attacker to execute\narbitrary code as the 'apache' user if mod_auth_pgsql is used for user\nauthentication. The Common Vulnerabilities and Exposures project\nassigned the name CVE-2005-3656 to this issue.\n\nPlease note that this issue only affects servers which have\nmod_auth_pgsql installed and configured to perform user authentication\nagainst a PostgreSQL database.\n\nAll users of mod_auth_pgsql should upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\n\nThis issue does not affect the mod_auth_pgsql package supplied with\nRed Hat Enterprise Linux 2.1.\n\nRed Hat would like to thank iDefense for reporting this issue.", "edition": 28, "published": "2006-01-11T00:00:00", "title": "RHEL 3 / 4 : mod_auth_pgsql (RHSA-2006:0164)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "modified": "2006-01-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "p-cpe:/a:redhat:enterprise_linux:mod_auth_pgsql", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2006-0164.NASL", "href": "https://www.tenable.com/plugins/nessus/20399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0164. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20399);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-3656\");\n script_xref(name:\"RHSA\", value:\"2006:0164\");\n\n script_name(english:\"RHEL 3 / 4 : mod_auth_pgsql (RHSA-2006:0164)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mod_auth_pgsql packages that fix format string security issues\nare now available for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe mod_auth_pgsql package is an httpd module that allows user\nauthentication against information stored in a PostgreSQL database.\n\nSeveral format string flaws were found in the way mod_auth_pgsql logs\ninformation. It may be possible for a remote attacker to execute\narbitrary code as the 'apache' user if mod_auth_pgsql is used for user\nauthentication. The Common Vulnerabilities and Exposures project\nassigned the name CVE-2005-3656 to this issue.\n\nPlease note that this issue only affects servers which have\nmod_auth_pgsql installed and configured to perform user authentication\nagainst a PostgreSQL database.\n\nAll users of mod_auth_pgsql should upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\n\nThis issue does not affect the mod_auth_pgsql package supplied with\nRed Hat Enterprise Linux 2.1.\n\nRed Hat would like to thank iDefense for reporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-3656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2006:0164\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_auth_pgsql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_auth_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2006:0164\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"mod_auth_pgsql-2.0.1-4.ent.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"mod_auth_pgsql-2.0.1-7.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_pgsql\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:27:59", "description": "Several format string vulnerabilities were discovered in the error\nlogging handling. By sending specially crafted user names, an\nunauthenticated remote attacker could exploit this to crash the Apache\nserver or possibly even execute arbitrary code with the privileges of\nApache (user 'www-data').\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2006-01-21T00:00:00", "title": "Ubuntu 4.10 / 5.04 / 5.10 : libapache2-mod-auth-pgsql vulnerability (USN-239-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "modified": "2006-01-21T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-auth-pgsql", "cpe:/o:canonical:ubuntu_linux:5.10"], "id": "UBUNTU_USN-239-1.NASL", "href": "https://www.tenable.com/plugins/nessus/20786", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-239-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20786);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2005-3656\");\n script_xref(name:\"USN\", value:\"239-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 / 5.10 : libapache2-mod-auth-pgsql vulnerability (USN-239-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several format string vulnerabilities were discovered in the error\nlogging handling. By sending specially crafted user names, an\nunauthenticated remote attacker could exploit this to crash the Apache\nserver or possibly even execute arbitrary code with the privileges of\nApache (user 'www-data').\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libapache2-mod-auth-pgsql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-auth-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04|5\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04 / 5.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libapache2-mod-auth-pgsql\", pkgver:\"2.0.2b1-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libapache2-mod-auth-pgsql\", pkgver:\"2.0.2b1-5ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libapache2-mod-auth-pgsql\", pkgver:\"2.0.2b1-6ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-auth-pgsql\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:24:56", "description": "Updated mod_auth_pgsql packages that fix format string security issues\nare now available for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe mod_auth_pgsql package is an httpd module that allows user\nauthentication against information stored in a PostgreSQL database.\n\nSeveral format string flaws were found in the way mod_auth_pgsql logs\ninformation. It may be possible for a remote attacker to execute\narbitrary code as the 'apache' user if mod_auth_pgsql is used for user\nauthentication. The Common Vulnerabilities and Exposures project\nassigned the name CVE-2005-3656 to this issue.\n\nPlease note that this issue only affects servers which have\nmod_auth_pgsql installed and configured to perform user authentication\nagainst a PostgreSQL database.\n\nAll users of mod_auth_pgsql should upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\n\nThis issue does not affect the mod_auth_pgsql package supplied with\nRed Hat Enterprise Linux 2.1.\n\nRed Hat would like to thank iDefense for reporting this issue.", "edition": 27, "published": "2006-07-03T00:00:00", "title": "CentOS 3 / 4 : mod_auth_pgsql (CESA-2006:0164)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3656"], "modified": "2006-07-03T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:mod_auth_pgsql", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2006-0164.NASL", "href": "https://www.tenable.com/plugins/nessus/21887", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0164 and \n# CentOS Errata and Security Advisory 2006:0164 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21887);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-3656\");\n script_xref(name:\"RHSA\", value:\"2006:0164\");\n\n script_name(english:\"CentOS 3 / 4 : mod_auth_pgsql (CESA-2006:0164)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mod_auth_pgsql packages that fix format string security issues\nare now available for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe mod_auth_pgsql package is an httpd module that allows user\nauthentication against information stored in a PostgreSQL database.\n\nSeveral format string flaws were found in the way mod_auth_pgsql logs\ninformation. It may be possible for a remote attacker to execute\narbitrary code as the 'apache' user if mod_auth_pgsql is used for user\nauthentication. The Common Vulnerabilities and Exposures project\nassigned the name CVE-2005-3656 to this issue.\n\nPlease note that this issue only affects servers which have\nmod_auth_pgsql installed and configured to perform user authentication\nagainst a PostgreSQL database.\n\nAll users of mod_auth_pgsql should upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\n\nThis issue does not affect the mod_auth_pgsql package supplied with\nRed Hat Enterprise Linux 2.1.\n\nRed Hat would like to thank iDefense for reporting this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012547.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a009724\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012548.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ae66026d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012551.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54102197\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012552.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ba7fd999\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012553.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72be28d4\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012554.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?30b774db\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_auth_pgsql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_auth_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"mod_auth_pgsql-2.0.1-4.ent.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"mod_auth_pgsql-2.0.1-7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_pgsql\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "cvelist": ["CVE-2005-3656"], "description": "===========================================================\r\nUbuntu Security Notice USN-239-1 January 09, 2006\r\nlibapache2-mod-auth-pgsql vulnerability\r\nCVE-2005-3656\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 4.10 (Warty Warthog)\r\nUbuntu 5.04 (Hoary Hedgehog)\r\nUbuntu 5.10 (Breezy Badger)\r\n\r\nThe following packages are affected:\r\n\r\nlibapache2-mod-auth-pgsql\r\n\r\nThe problem can be corrected by upgrading the affected package to\r\nversion 2.0.2b1-2ubuntu0.1 (for Ubuntu 4.10), 2.0.2b1-5ubuntu0.1 (for\r\nUbuntu 5.04), or 2.0.2b1-6ubuntu0.1 (for Ubuntu 5.10). After a\r\nstandard system upgrade you need to restart the Apache 2 server to\r\neffect the necessary changes:\r\n\r\n sudo /etc/init.d/apache2 restart\r\n\r\nDetails follow:\r\n\r\nSeveral format string vulnerabilities were discovered in the error\r\nlogging handling. By sending specially crafted user names, an\r\nunauthenticated remote attacker could exploit this to crash the Apache\r\nserver or possibly even execute arbitrary code with the privileges of\r\nApache (user 'www-data').\r\n\r\nUpdated packages for Ubuntu 4.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-2ubuntu0.1.diff.gz\r\n Size/MD5: 3333 92b6b02989c62a28214e6691ff09bb50\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-2ubuntu0.1.dsc\r\n Size/MD5: 709 d4c469c2bc7fe0735ba9f59a504ff554\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1.orig.tar.gz\r\n Size/MD5: 15928 e2c032df0cd7e4a46381dcf6e488efe9\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-2ubuntu0.1_amd64.deb\r\n Size/MD5: 19802 b1e6729a94175772ee2cac63ea2da13d\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-2ubuntu0.1_i386.deb\r\n Size/MD5: 18974 178de9440075d3694ed1f4af72773daa\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 20368 e872d0f306e7906b9d4205b9e24eff8e\r\n\r\nUpdated packages for Ubuntu 5.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5ubuntu0.1.diff.gz\r\n Size/MD5: 5078 c95a57458bc15935390275860fc65894\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5ubuntu0.1.dsc\r\n Size/MD5: 724 d32ade3227241ac2b26d70f755d0bdfe\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1.orig.tar.gz\r\n Size/MD5: 15928 e2c032df0cd7e4a46381dcf6e488efe9\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5ubuntu0.1_amd64.deb\r\n Size/MD5: 20104 4c7840fa3e2c912f926e025be838b011\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5ubuntu0.1_i386.deb\r\n Size/MD5: 19270 e07b1d6409abe38dc4fa3f67701846e1\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5ubuntu0.1_powerpc.deb\r\n Size/MD5: 20738 b6feefa3f30174ae9368af78eed30b6f\r\n\r\nUpdated packages for Ubuntu 5.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-6ubuntu0.1.diff.gz\r\n Size/MD5: 5173 33ce214fcaa05c8bde42809d9407368b\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-6ubuntu0.1.dsc\r\n Size/MD5: 708 ded1588c8d8cf28128cde3d71f567201\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1.orig.tar.gz\r\n Size/MD5: 15928 e2c032df0cd7e4a46381dcf6e488efe9\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-6ubuntu0.1_amd64.deb\r\n Size/MD5: 20348 68f6cfd60cbf7e6f2cad792bfaf5177a\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-6ubuntu0.1_i386.deb\r\n Size/MD5: 19092 52712f3b790ea61ef60aa8734d55baac\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-6ubuntu0.1_powerpc.deb\r\n Size/MD5: 21122 69d5ec8ec12d43c03dead9fee1135bab", "edition": 1, "modified": "2006-01-09T00:00:00", "published": "2006-01-09T00:00:00", "id": "SECURITYVULNS:DOC:10934", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:10934", "title": "[Full-disclosure] [USN-239-1] libapache2-mod-auth-pgsql vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "cvelist": ["CVE-2005-3656"], "description": "Multiple Vendor mod_auth_pgsql Format String Vulnerability\r\n\r\niDefense Security Advisory 01.09.06\r\nhttp://www.idefense.com/intelligence/vulnerabilities/display.php?id=367\r\nJanuary 09, 2006\r\n\r\nI. BACKGROUND\r\n\r\nThe mod_auth_pgsql apache module allows user authentication against\r\ninformation stored in a PostgreSQL database. More information can be\r\nfound at the following site:\r\n\r\n http://www.giuseppetanzilli.it/mod_auth_pgsql2/\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of a format string vulnerability in multiple\r\nversions of the mod_auth_pgsql authentication module for the Apache\r\nhttpd could allow the execution of arbitrary code in the context of the\r\nhttpd.\r\n\r\nThe mod_auth_pgsql module for the Apache httpd is a third party\r\nauthentication module which allows authentication details to be stored\r\nin a PostgreSQL database. Although this is a third party module, it is\r\navailable as a package for several distributions, including Red Hat\r\nLinux, Debian GNU/Linux and FreeBSD.\r\n\r\nDue to a design error, many of the logging functions in this module take\r\nuser supplied values as input to the format specifier. An example of\r\nthis is shown below:\r\n\r\n ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, pg_errstr);\r\n\r\nWhen part of the error message contains a format string specifier it is\r\nprocessed. For example, for the username "%x%x%x%x%x", output similar\r\nto the following may appear in the 'error_log' file for the targetted\r\nhttpd:\r\n\r\n[Tue Sep 23 11:34:38 2005] [error] [client 10.1.10.11] mod_auth_pgsql:\r\n Password for user 406869a083b3c900083b3cb3 not found (PG-Authoritative)\r\n\r\nThe sequence of hex characters is the result of the ap_log_rerror()\r\nfunction parsing the input string as a format string, and contains\r\nvalues from the stack. When the name supplied causes an invalid memory\r\naccess, the child process may exit with a logged error similar to:\r\n\r\n[Tue Sep 24 11:25:53 2005] [notice] child pid 12345 exit signal\r\n Segmentation fault (11)\r\n\r\nIII. ANALYSIS\r\n\r\nSuccessful exploitation allows remote attackers to gain local access to\r\nthe vulnerable system in the context of the affected httpd. In order to\r\nexploit this vulnerability, the attacker must know the URI of at least\r\none reource on the web server which is configured to use this module for\r\nauthentication. This module is not installed by default, but is\r\navailable as a package from some vendors, including Red Hat. Additional\r\nconfiguration is required before the module is active after installing.\r\n\r\nWhile format string exploit techniques are well documented, most\r\ndiscussions of and exploits for vulnerabilities containing them rely on\r\nthe user supplied string being located on the stack. The reason for\r\nthis is that it allows the attacker to directly supply pointers to the\r\nmemory locations they wish to modify via the %n format specifier. As\r\nthis module does not store the format string on the stack, this may make\r\nexploitation more difficult as techniques for exploiting this kind of\r\nformat string are not as commonly known. However, such information is\r\npublicly available.\r\n\r\nSuccessful exploitation would allow a remote unauthenticated user access\r\nto an affected system with the permissions of the httpd itself.\r\n\r\nIV. DETECTION\r\n\r\niDefense has confirmed the existence of this vulnerability in version\r\n2.0.2b1 of mod_auth_pgsql for Apache 2.x. It is suspected that earlier\r\nversions are also affected.\r\n\r\nV. WORKAROUND\r\n\r\nDisable the module, and use another form of authentication for the\r\naffected resource.\r\n\r\nIn order to disable the module on Red Hat systems, execute the following\r\ncommands as root:\r\n\r\n cd /etc/httpd/conf.d\r\n mv auth_pgsql.conf auth_pgsql.disabled\r\n\r\nIf you have any '.htaccess' files, you may also have to disable any\r\nauthentication with references to mod_auth_pgsql directives. These\r\ndirectives all start with 'Auth_PG_'.\r\n\r\nAt this point, you should add another authentication method for the\r\nresources that were protected by this module. The exact operations to\r\nperform are dependant on which authentication method you choose to use.\r\n\r\nAfter performing these steps, restart the httpd by executing the\r\nfollowing command as root:\r\n\r\n /sbin/service httpd restart\r\n\r\nFor other distributions, the general steps are the same (disable the\r\nmodule, add another form of authentication, and restart the httpd),\r\nhowever the details may vary slightly.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nThe maintainer has released mod_auth_pgsql 2.0.3 to address this\r\nvulnerability, which is available for download at:\r\n\r\n http://www.giuseppetanzilli.it/mod_auth_pgsql2/dist/\r\n \r\nRed Hat, Inc:\r\n\r\nUpdates are available for Red Hat Enterprise Linux 3 and 4 to correct\r\nthis issue. Red Hat Enterprise Linux 2.1 was not affected by this\r\nissue. New mod_auth_pgsql packages along with our advisory are available\r\nat the URL below and by using the Red Hat Network 'up2date' tool.\r\n \r\n https://rhn.redhat.com/errata/RHSA-2006-0164.html\r\n\r\nUpdates are available for Fedora Core 3 and 4 to correct this issue.\r\n \r\n www.redhat.com/archives/fedora-announce-list/2006-January/msg00016.html\r\n www.redhat.com/archives/fedora-announce-list/2006-January/msg00015.html\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nname CVE-2005-3656 to this issue. This is a candidate for inclusion in\r\nthe CVE list (http://cve.mitre.org), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n11/15/2005 Initial vendor notification\r\n11/22/2005 Initial vendor response\r\n01/09/2006 Coordinated public disclosure\r\n\r\nIX. CREDIT\r\n\r\nThe discovery of this vulnerability is credited to Sparfell.\r\n\r\nGet paid for vulnerability research\r\nhttp://www.idefense.com/poi/teams/vcp.jsp\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2006 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDefense. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically, please\r\nemail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\nThere are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.", "edition": 1, "modified": "2006-01-10T00:00:00", "published": "2006-01-10T00:00:00", "id": "SECURITYVULNS:DOC:10941", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:10941", "title": "iDefense Security Advisory 01.09.06: Multiple Vendor mod_auth_pgsql Format String Vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2019-05-30T02:23:07", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3656"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 935-1 security@debian.org\nhttp://www.debian.org/security/ Michael Stone\nJanuary 10, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : libapache2-mod-auth-pgsql\nVulnerability : format string vulnerability\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2005-3656\nDebian Bug : 307852\n\niDEFENSE reports that a format string vulnerability in mod_auth_pgsql, a\nlibrary used to authenticate web users against a PostgreSQL database,\ncould be used to execute arbitrary code with the privileges of the httpd\nuser.\n\nThe old stable distribution (woody) does not contain\nlibapache2-mod-auth-pgsql.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 2.0.2b1-5sarge0.\n\nFor the unstable distribution (sid) this problem will be fixed shortly.\n\nWe recommend that you upgrade your libapache2-mod-auth-pgsql package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0.dsc\n Size/MD5 checksum: 718 64320b302321622c1007810e18f6559a\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0.diff.gz\n Size/MD5 checksum: 5031 400a8ca9689409375c56eafe38a957a7\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1.orig.tar.gz\n Size/MD5 checksum: 15928 e2c032df0cd7e4a46381dcf6e488efe9\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_alpha.deb\n Size/MD5 checksum: 20410 4e2c27c73a6ca3ca70713e31842c01ca\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_amd64.deb\n Size/MD5 checksum: 20040 9b542446b7336c88c2ffabdad730b74f\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_arm.deb\n Size/MD5 checksum: 18806 fcf3a9529b0b2af5a67237360c60f554\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_i386.deb\n Size/MD5 checksum: 19406 f869e108de0839dcdcc2ee9459a8848d\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_ia64.deb\n Size/MD5 checksum: 22282 018e612149c4d4a2cb139ee91b972cae\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_hppa.deb\n Size/MD5 checksum: 20686 dc84765b12cb57c7c2b68d9f875d8f07\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_m68k.deb\n Size/MD5 checksum: 18944 ab3c2f517273d868d8dd3fcf9b78ea0a\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_mips.deb\n Size/MD5 checksum: 18884 cfed58fc3dd4bc0e7b635f048b9ef317\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_mipsel.deb\n Size/MD5 checksum: 18860 dc5b1b912b0fcf62d2a8edc7a5a9fa52\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_powerpc.deb\n Size/MD5 checksum: 20710 bdc297d45748433b2adcd3ac962612a3\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_s390.deb\n Size/MD5 checksum: 19840 798db337084461ee60239274cf89f4e0\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache2-mod-auth-pgsql/libapache2-mod-auth-pgsql_2.0.2b1-5sarge0_sparc.deb\n Size/MD5 checksum: 19006 6cd6c8809599feec59df63281adcfd7b\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 2, "modified": "2006-01-10T00:00:00", "published": "2006-01-10T00:00:00", "id": "DEBIAN:DSA-935-1:08209", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00007.html", "title": "[SECURITY] [DSA 935-1] New libapache2-mod-auth-pgsql packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}