Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:870532
HistoryNov 30, 2010 - 12:00 a.m.

AWStats fails to properly handle "\\" when specifying a configuration file directory

2010-11-3000:00:00
www.kb.cert.org
15

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.069

Percentile

93.9%

JSON

Overview

AWStats fails to properly handle "\" when specifying a configuration file directory. This could allow an attacker to specify an arbitrary configuration file located on an SMB share.

Description

From the AWStats project website: “AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically”. AWStats is vulnerable to remote command execution when installed on Apache Tomcat on Microsoft Windows operating systems. The AWStats application fails to properly handle "\" when specifying a configuration file directory.

Impact

An attacker can instruct the web server to load a malicious configuration file located on a malicious SMB file share. The malicious configuration file can contain arbitrary commands to be run on the vulnerable remote server as the web service account.

Solution

According to the vendor’s changelog this vulnerability has been addressed in AWStats 7.0.

Vendor Information

870532

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

AWStats __ Affected

Updated: November 30, 2010

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

<http://awstats.sourceforge.net/docs/awstats_changelog.txt&gt;

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

Thanks to StenoPlasma at ExploitDevelopment for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: CVE-2010-4367, CVE-2010-4368
Severity Metric: 5.40 Date Public:

Related

openvas 6
ubuntucve 2
debiancve 2
cvelist 2
nvd 2
cve 2
prion 2
freebsd 1
nessus 1
openvas
openvas
Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
2010-12-01 00:00:00
Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
2010-12-01 00:00:00
FreeBSD Ports: awstats
2011-03-05 00:00:00
ubuntucve
ubuntucve
CVE-2010-4368
2010-12-02 00:00:00
CVE-2010-4367
2010-12-02 00:00:00
debiancve
debiancve
CVE-2010-4368
2022-10-03 16:21:03
CVE-2010-4367
2010-12-02 16:22:21
cvelist
cvelist
CVE-2010-4368
2022-10-03 16:21:03
CVE-2010-4367
2010-12-02 16:00:00
nvd
nvd
CVE-2010-4368
2010-12-02 16:22:21
CVE-2010-4367
2010-12-02 16:22:21
cve
cve
CVE-2010-4368
2022-10-03 16:21:03
CVE-2010-4367
2010-12-02 16:22:21
prion
prion
Design/Logic Flaw
2010-12-02 16:22:00
Design/Logic Flaw
2010-12-02 16:22:00
freebsd
freebsd
awstats -- arbitrary commands execution vulnerability
2010-05-01 00:00:00
nessus
nessus
FreeBSD : awstats -- arbitrary commands execution vulnerability (ce6ce2f8-34ac-11e0-8103-00215c6a37bb)
2011-02-10 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.069

Percentile

93.9%

JSON
Related for VU:870532
openvas6ubuntucve2debiancve2cvelist2nvd2cve2prion2freebsd1nessus1