11 matches found
Fedora 37 : awstats (2023-b645c7feda)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b645c7feda advisory. Security fix for CVE-2022-46391 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : AWStats vulnerability (USN-5899-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5899-1 advisory. It was discovered that AWStats did not properly sanitize the content of whois responses in the hostinfo plugin. An attacker...
Fedora: Security Advisory for awstats (FEDORA-2023-b645c7feda)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 36 : awstats (2023-fda5480804)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-fda5480804 advisory. Security fix for CVE-2022-46391 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Mageia: Security Advisory (MGASA-2022-0461)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2022-0461 Updated awstats packages fix security vulnerability
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. CVE-2022-46391...
Updated awstats packages fix security vulnerability
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. CVE-2022-46391...
Debian dla-3225 : awstats - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3225 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3225-1 [email protected] https://www.debian.org/lts/security/...
CVE-2022-46391
creationtimestamp| type| source ---|---|--- 2022-12-04 07:38:35+00:00| seen| https://t.me/cibsecurity/53956...
CVE-2022-46391
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...
CVE-2022-46391
AWStats 7.x–7.8 is vulnerable to XSS in the hostinfo plugin due to improper handling of Net::XWhois output. The CVE-2022-46391 issue is acknowledged across multiple feeds; advisories note a security fix is available in various distributions (e.g., Debian 10 with 7.6+dfsg-2+deb10u2, Fedora 37/36 u...