Apache mod_auth_pgsql Remote SQL Query Manipulation Vulnerability

Threat level definition

Apache mod_auth_pgsql Remote SQL Query Manipulation Vulnerability

Solution:
Version 0.9.6 was still found to be prone to remote SQL query manipulation, so the vendor has released 0.9.9 to address this.

Conectiva has also released upgrades.

Guiseppe Tanzilli and Matthias Eckermann mod_auth_pgsql 0.9.5

Conectiva 4.0 mod_auth_pgsql-0.8-4U40_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/mod_auth_pgsql-0.8-4U40_3 cl.i386.rpm

Conectiva 4.0es mod_auth_pgsql-0.8-4U40_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/mod_auth_pgsql-0.8-4U40 _3cl.i386.rpm

Conectiva 4.1 mod_auth_pgsql-0.8-4U41_3cl.i386.rpm
tp://atualizacoes.conectiva.com.br/4.1/i386/mod_auth_pgsql-0.8-4U41_3c l.i386.rpm

Conectiva 4.2 mod_auth_pgsql-0.8-4U42_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/mod_auth_pgsql-0.8-4U42_3 cl.i386.rpm

Conectiva 5.0 mod_auth_pgsql-0.8-4U50_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/mod_auth_pgsql-0.8-4U50_3 cl.i386.rpm

Conectiva 5.1 mod_auth_pgsql-0.8-4U51_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/mod_auth_pgsql-0.8-4U51_3 cl.i386.rpm

Conectiva 6.0 mod_auth_pgsql-0.8-4U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/mod_auth_pgsql-0.8-4U60_3 cl.i386.rpm

Conectiva 7.0 mod_auth_pgsql-0.9.6-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mod_auth_pgsql-0.9.6-1U70 _2cl.i386.rpm

Conectiva ecommerce mod_auth_pgsql-0.8-4U50_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/mod_aut h_pgsql-0.8-4U50_3cl.i386.rpm

Conectiva graficas mod_auth_pgsql-0.8-4U50_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/mod_auth _pgsql-0.8-4U50_3cl.i386.rpm

FreeBSD ports-4 i386 mod_auth_pgsql-0.9.9.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/www/mod _auth_pgsql-0.9.9.tgz

FreeBSD ports-5 i386 mod_auth_pgsql-0.9.9.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/www/mo d_auth_pgsql-0.9.9.tgz

Guiseppe Tanzilli mod_auth_pgsql 0.9.6
http://www.giuseppetanzilli.it/mod_auth_pgsql/dist/

Guiseppe Tanzilli mod_auth_pgsql 0.9.9
http://www.giuseppetanzilli.it/mod_auth_pgsql/dist/

Guiseppe Tanzilli and Matthias Eckermann mod_auth_pgsql 0.9.6

Conectiva 4.0 mod_auth_pgsql-0.8-4U40_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/mod_auth_pgsql-0.8-4U40_3 cl.i386.rpm

Conectiva 4.0es mod_auth_pgsql-0.8-4U40_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/mod_auth_pgsql-0.8-4U40 _3cl.i386.rpm

Conectiva 4.1 mod_auth_pgsql-0.8-4U41_3cl.i386.rpm
tp://atualizacoes.conectiva.com.br/4.1/i386/mod_auth_pgsql-0.8-4U41_3c l.i386.rpm

Conectiva 4.2 mod_auth_pgsql-0.8-4U42_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/mod_auth_pgsql-0.8-4U42_3 cl.i386.rpm

Conectiva 5.0 mod_auth_pgsql-0.8-4U50_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/mod_auth_pgsql-0.8-4U50_3 cl.i386.rpm

Conectiva 5.1 mod_auth_pgsql-0.8-4U51_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/mod_auth_pgsql-0.8-4U51_3 cl.i386.rpm

Conectiva 6.0 mod_auth_pgsql-0.8-4U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/mod_auth_pgsql-0.8-4U60_3 cl.i386.rpm

Conectiva 7.0 mod_auth_pgsql-0.9.6-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mod_auth_pgsql-0.9.6-1U70 _2cl.i386.rpm

Conectiva ecommerce mod_auth_pgsql-0.8-4U50_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/mod_aut h_pgsql-0.8-4U50_3cl.i386.rpm

Conectiva graficas mod_auth_pgsql-0.8-4U50_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/mod_auth _pgsql-0.8-4U50_3cl.i386.rpm

Guiseppe Tanzilli mod_auth_pgsql 0.9.9
http://www.giuseppetanzilli.it/mod_auth_pgsql/dist/

Privacy Statement
Copyright 2008, SecurityFocus