659 matches found
Path traversal
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...
UBUNTU-CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...
CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...
CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...
DEBIAN-CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...
CVE-2018-10245
CVE-2018-10245 affects AWStats; the flaw is a full path disclosure caused by improper handling of framename and update parameters in awstats.pl, enabling remote attackers to determine server file paths. The related nuclei template confirms the issue for AWStats
CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...
CVE-2018-10245
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...
Debian DSA-4092-1 : awstats - security update
The cPanel Security Team discovered that awstats, a log file analyzer, was vulnerable to path traversal attacks. A remote unauthenticated attacker could leverage that to perform arbitrary code execution. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[SECURITY] [DSA 4092-1] awstats security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4092-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 19, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4092-1] awstats security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4092-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 19, 2018 https://www.debian.org/security/faq -...
DSA-4092-1 awstats - security update
Bulletin has no description...
Debian: Security Advisory (DSA-4092-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : awstats (2018-17ba1a2393)
Security fix for CVE-2017-1000501 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Fedora Update for awstats FEDORA-2018-17ba1a2393
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : awstats (2018-7edfa0cfbf)
Security fix for CVE-2017-1000501 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
[SECURITY] Fedora 27 Update: awstats-7.6-8.fc27
Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contai ns, in graphical web pages. It can analyze a lot of web/wap/proxy servers lik...
Fedora Update for awstats FEDORA-2018-7edfa0cfbf
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1238-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1238-1] awstats security update
Package : awstats Version : 7.0dfsg-7+deb7u1 CVE ID : CVE-2017-1000501 Debian Bug : 885835 Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. For Debian 7 "Wheezy", the...