CVE-2005-0436

Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter...

AWStats 5.7 - 6.2 Multiple Remote Exploit (extra)

Exploit for cgi platform in category web applications ================================================= AWStats 5.7 - 6.2 Multiple Remote Exploit extra ================================================= / Awstats exploit "shell" code by omin0us omin0us208 at gmail dot com dtors security group .:...

AWStats 5.7 - 6.2 Multiple Remote Exploit (extra)

No description provided by source. / Awstats exploit "shell" code by omin0us omin0us208 at gmail dot com dtors security group .: http://dtors.ath.cx :. Vulnerability reported by iDEFENSE pluginmode bug has been found by GHC team. The awstats exploit that was discovered allows a user to execute...

AWStats 5.7 6.2 - Multiple Remote s

AWStats 5.7 6.2 - Multiple Remote s / Awstats exploit "shell" code by omin0us omin0us208 at gmail dot com dtors security group .: http://dtors.ath.cx :. Vulnerability reported by iDEFENSE pluginmode bug has been found by GHC team. The awstats exploit that was discovered allows a user to execute...

AWStats 5.7 < 6.2 - Multiple Remote s

/ Awstats exploit "shell" code by omin0us omin0us208 at gmail dot com dtors security group .: http://dtors.ath.cx :. Vulnerability reported by iDEFENSE pluginmode bug has been found by GHC team. The awstats exploit that was discovered allows a user to execute arbitrary commands on the remote serv...

AWStats fails to validate input supplied to pluginmode parameter

Overview AWStats performs inadequate validation on user-controlled data that is supplied to the pluginmode parameter. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary commands. Description AWStats is a Perl CGI script that collects and graphically displays...

awstats63.txt

/==========================================/ // GHC - AWStats - ADVISORY \ PRODUCT: AWStats // VERSION: = 6.3 \ URL: http://awstats.sourceforge.net/ // VULNERABILITY CLASS: Multiple vulnerabilities \ RISK: high /==========================================/ Product Description "AWStats is a free...

AWStats 5.7 - 6.2 Multiple Remote Exploit

Exploit for cgi platform in category web applications ========================================= AWStats 5.7 - 6.2 Multiple Remote Exploit ========================================= / AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats...

AWStats 5.7 - 6.2 Multiple Remote Exploit

No description provided by source. / AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by:...

AWStats 5.7 6.2 - Multiple Remote

AWStats 5.7 6.2 - Multiple Remote / AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by:...

AWStats 5.7 < 6.2 - Multiple Remote

/ AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by: Silentium of Anacron Group Italy date:...

CVE-2005-0362

CVE-2005-0362 affects AWStats (awstats.pl) with AWStats 6.2, where remote attackers can execute arbitrary commands by injecting shell metacharacters into the parameters 1) pluginmode, 2) loadplugin, or 3) noloadplugin. The issue arises from improper handling/sanitation of user-supplied input in t...

CVE-2005-0363

awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter...

CVE-2005-0362

awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 "pluginmode", 2 "loadplugin", or 3 "noloadplugin" parameters...

CVE-2005-0362

awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 "pluginmode", 2 "loadplugin", or 3 "noloadplugin" parameters...

CVE-2005-0363

awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter...

CVE-2005-0363

AWStats CVE-2005-0363 affects awstats.pl in AWStats 4.0 and 6.2, where insufficient input sanitization allows remote attackers to execute arbitrary shell commands via shell metacharacters in the config parameter. The issue enables remote, unauthenticated command execution with web server privileg...

AWStats 5.x6.x - Logfile Remote Command Execution

AWStats 5.x6.x - Logfile Remote Command Execution source: https://www.securityfocus.com/bid/12572/info AWStats is reported prone to a remote arbitrary command-execution vulnerability. This issue occurs because the application fails to properly sanitize user-supplied data. Specifically, the...

AWStats 5.x/6.x - 'Logfile' Remote Command Execution

source: https://www.securityfocus.com/bid/12572/info AWStats is reported prone to a remote arbitrary command-execution vulnerability. This issue occurs because the application fails to properly sanitize user-supplied data. Specifically, the user-specified 'logfile' URI parameter is supplied to th...

Debian DSA-682-1 : awstats - missing input sanitizing

In addition to CAN-2005-0116 more vulnerabilities have been found in awstats, a powerful and featureful web server log analyzer with a CGI frontend. Missing input sanitising can cause arbitrary commands to be executed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...