659 matches found
AWStats Totals 1.14 Remote Command Execution
$Id: awstatstotalsmultisort.rb 12715 2011-05-25 10:45:36Z patrickw $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
AWStats Totals multisort Remote Command Execution
This module exploits an arbitrary command execution vulnerability in the AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
AWStats Totals =< v1.14 multisort Remote Command Execution
Exploit for php platform in category web applications $Id: awstatstotalsmultisort.rb 12715 2011-05-25 10:45:36Z patrickw $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
AWStats Totals 1.14 multisort - Remote Command Execution (Metasploit)
$Id: awstatstotalsmultisort.rb 12715 2011-05-25 10:45:36Z patrickw $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. VID ce6ce2f8-34ac-11e0-8103-00215c6a37bb OpenVAS Vulnerability Test $ Description: Auto generated from VID ce6ce2f8-34ac-11e0-8103-00215c6a37bb Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
Mandriva Update for awstats MDVSA-2011:033 (awstats)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for awstats MDVSA-2011:033 (awstats)
Check for the Version of awstats OpenVAS Vulnerability Test Mandriva Update for awstats MDVSA-2011:033 awstats Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
FreeBSD : awstats -- arbitrary commands execution vulnerability (ce6ce2f8-34ac-11e0-8103-00215c6a37bb)
Awstats change log reports : - Security fix Traverse directory of LoadPlugin - Security fix Limit config to defined directory to avoid access to external config file via a nfs or webdav link. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
Ubuntu Update for awstats vulnerability USN-1047-1
Ubuntu Update for Linux kernel vulnerabilities USN-1047-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10471.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for awstats vulnerability USN-1047-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-1047-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AWStats Unspecified 'LoadPlugin' Directory Traversal Vulnerability
AWStats is prone to an unspecified directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. The impact of this issue is currently unknown. We will update this BID when more information emerges. Versions prior to AWStats 7.0 are vulnerable. OpenVAS...
AWStats < 7.0 Unspecified 'LoadPlugin' Directory Traversal Vulnerability
AWStats is prone to an unspecified directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : awstats vulnerability (USN-1047-1)
It was discovered that AWStats did not correctly filter the LoadPlugin configuration option. A local attacker on a shared system could use this to inject arbitrary code into AWStats. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...
USN-1047-1: AWStats vulnerability
It was discovered that AWStats did not correctly filter the LoadPlugin configuration option. A local attacker on a shared system could use this to inject arbitrary code into AWStats...
[USN-1047-1] AWStats vulnerability
=========================================================== Ubuntu Security Notice USN-1047-1 January 24, 2011 awstats vulnerability CVE-2010-4369 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS...
Awstats statistics permissions assigned improperly leads to explosive path-vulnerability warning-the black bar safety net
Vulnerability details Brief description: Awstats statistics permissions assigned improperly leads to explosive path Detailed description: Awstats is a Perl-based WEB Log analysis and Statistics tool. Due to the simplicity of powerful features and by many administrators of all ages, its default...
CVE-2010-4368
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname...
CVE-2010-4367
awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a 1 WebDAV server or 2 NFS server...
CVE-2010-4369
Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory...