659 matches found
DLA-1238-1 awstats - security update
Bulletin has no description...
Debian DLA-1238-1 : awstats security update
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the 'config' and 'migrate' parameters resulting in unauthenticated remote code execution. For Debian 7 'Wheezy', these problems have been fixed in version 7.0dfsg-7+deb7u1. We recommend that you upgrade your...
Ubuntu 14.04 LTS / 16.04 LTS : AWStats vulnerability (USN-3518-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3518-1 advisory. It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code...
Ubuntu: Security Advisory (USN-3518-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : awstats -- remote code execution (4055aee5-f4c6-11e7-95f2-005056925db4)
Mitre reports : Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the 'config' and 'migrate' parameters resulting in unauthenticated remote code execution. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...
USN-3518-1 awstats vulnerability
It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code...
USN-3518-1: AWStats vulnerability
It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code...
AWStats < 7.7 Directory Traversal Vulnerability - Active Check
AWStats is vulnerable to a path traversal flaw in the handling of the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
AWStats Path Traversal Vulnerability
AWStats is an extremely popular web-based website traffic analyzer. A path traversal vulnerability exists in the handling of the 'config' and 'migrate' parameters in AWStats 7.6 and earlier versions. A remote attacker can exploit this vulnerability to execute code...
Path traversal
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution...
DEBIAN-CVE-2017-1000501
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution...
CVE-2017-1000501
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution...
CVE-2017-1000501
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution...
ALPINE-CVE-2017-1000501
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution...
CVE-2017-1000501
AWStats is affected by a path-traversal vulnerability in cgi-bin/awstats.pl?config= (and related migrate/config handling) that can disclose or modify files due to improper handling of absolute/partial paths. The issue is described as affecting AWStats 7.7 and earlier, with an incomplete fix in CV...
CVE-2017-1000501
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution...
CVE-2017-1000501
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution...
CVE-2017-1000501
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution...
MGASA-2018-0045 Updated awstats packages fix security vulnerability
The cPanel Security Team discovered two path traversal flaws in awstats in the "config" and "migrate" parameters that could be leveraged for unauthenticated remote code execution CVE-2017-1000501...
Updated awstats packages fix security vulnerability
The cPanel Security Team discovered two path traversal flaws in awstats in the "config" and "migrate" parameters that could be leveraged for unauthenticated remote code execution CVE-2017-1000501...