Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-5080HistoryDec 03, 2008 - 6:30 p.m.
CVE-2008-5080
2008-12-0318:30:00
Debian Security Bug Tracker
security-tracker.debian.org
10
5.6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
71.5%
awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the query_string parameter. NOTE: this issue exists because of an incomplete fix for CVE-2008-3714.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | awstats | < 6.7.dfsg-5.1 | awstats_6.7.dfsg-5.1_all.deb |
| Debian | 11 | all | awstats | < 6.7.dfsg-5.1 | awstats_6.7.dfsg-5.1_all.deb |
| Debian | 10 | all | awstats | < 6.7.dfsg-5.1 | awstats_6.7.dfsg-5.1_all.deb |
| Debian | 999 | all | awstats | < 6.7.dfsg-5.1 | awstats_6.7.dfsg-5.1_all.deb |
| Debian | 13 | all | awstats | < 6.7.dfsg-5.1 | awstats_6.7.dfsg-5.1_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 8 Update: awstats-6.8-3.fc8
2008-12-08 13:03:12
[SECURITY] Fedora 9 Update: awstats-6.8-3.fc9
2008-12-08 13:06:27
[SECURITY] Fedora 10 Update: awstats-6.8-3.fc10
2008-12-08 13:04:52
openvas
openvas
Fedora Update for awstats FEDORA-2008-10950
2009-02-16 00:00:00
Debian: Security Advisory (DSA-1679-1)
2008-12-10 00:00:00
Ubuntu: Security Advisory (USN-686-1)
2009-03-23 00:00:00
nessus
nessus
Fedora 8 : awstats-6.8-3.fc8 (2008-10938)
2008-12-09 00:00:00
FreeBSD : awstats -- multiple XSS vulnerabilities (27d78386-d35f-11dd-b800-001b77d09812)
2009-01-05 00:00:00
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : awstats vulnerability (USN-686-1)
2009-04-23 00:00:00
prion
prion
Cross site scripting
2008-12-03 18:30:00
Cross site scripting
2008-08-19 19:41:00
freebsd
freebsd
awstats -- multiple XSS vulnerabilities
2008-03-12 00:00:00
cve
cve
CVE-2008-5080
2008-12-03 18:30:00
CVE-2008-3714
2008-08-19 19:41:00
ubuntucve
ubuntucve
CVE-2008-5080
2008-12-03 00:00:00
CVE-2008-3714
2008-08-19 00:00:00
redhatcve
redhatcve
CVE-2008-5080
2019-10-04 20:43:23
ubuntu
ubuntu
AWStats vulnerability
2008-12-04 00:00:00
seebug
seebug
AWStats awstats.pl跨站脚本漏洞
2008-12-05 00:00:00
debian
debian
[SECURITY] [DSA 1679-1] New awstats packages fix cross-site scripting
2008-12-03 11:05:53
osv
osv
awstats - cross-site scripting
2008-12-03 00:00:00
debiancve
debiancve
CVE-2008-3714
2008-08-19 19:41:00
securityvulns
securityvulns
5.6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
71.5%
Related for DEBIANCVE:CVE-2008-5080