Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-1527HistoryAug 15, 2005 - 4:00 a.m.
CVE-2005-1527
2005-08-1504:00:00
Debian Security Bug Tracker
security-tracker.debian.org
10
0.013 Low
EPSS
Percentile
85.7%
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | awstats | < 6.4-1.1 | awstats_6.4-1.1_all.deb |
| Debian | 11 | all | awstats | < 6.4-1.1 | awstats_6.4-1.1_all.deb |
| Debian | 10 | all | awstats | < 6.4-1.1 | awstats_6.4-1.1_all.deb |
| Debian | 999 | all | awstats | < 6.4-1.1 | awstats_6.4-1.1_all.deb |
| Debian | 13 | all | awstats | < 6.4-1.1 | awstats_6.4-1.1_all.deb |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200508-07 (awstats)
2008-09-24 00:00:00
Debian Security Advisory DSA 892-1 (awstats)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-892-1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 892-1] New awstats packages fix arbitrary command execution
2005-11-10 06:10:33
[SECURITY] [DSA 892-1] New awstats packages fix arbitrary command execution
2005-11-10 00:00:00
nessus
nessus
Ubuntu 5.04 : awstats vulnerability (USN-167-1)
2006-01-15 00:00:00
GLSA-200508-07 : AWStats: Arbitrary code execution using malicious Referrer information
2005-08-18 00:00:00
Debian DSA-892-1 : awstats - missing input sanitising
2006-10-14 00:00:00
gentoo
gentoo
AWStats: Arbitrary code execution using malicious Referrer information
2005-08-16 00:00:00
cvelist
cvelist
CVE-2005-1527
2005-08-15 04:00:00
ubuntu
ubuntu
AWStats vulnerability
2005-08-12 00:00:00
freebsd
freebsd
awstats -- arbitrary code execution vulnerability
2005-08-09 00:00:00
ubuntucve
ubuntucve
CVE-2005-1527
2005-08-15 00:00:00
cve
cve
CVE-2005-1527
2005-08-15 04:00:00
securityvulns
securityvulns