12 matches found
AWStats 6.2-6.1 - configdir Command Injection
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
AWStats (6.1-6.2) configdir Remote Command Execution
No description provided by source. $Id: awstatsconfigdirexec.rb 7970 2009-12-26 03:31:20Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
CVE-2005-0116
creationtimestamp| type| source ---|---|--- 2009-12-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16905 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/awstatsconfigdirexec.rb 2025-02-06 03:13:38+00:00|...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. VID 0f5a2b4d-694b-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
AWStats configdir Remote Command Execution
This module exploits an arbitrary command execution vulnerability in the AWStats CGI script. iDEFENSE has confirmed that AWStats versions 6.1 and 6.2 are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework cla...
AWStats < 6.3 'configdir' Parameter Arbitrary Command Execution Vulnerability - Active Check
AWStats is prone to a command execution vulnerability. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:awstats:awstats";...
CVE-2005-0116
CVE-2005-0116 affects AWStats: remote command execution through the configdir parameter in the AWStats CGI (awstats.pl) affecting 6.1 and earlier versions up to 6.2/6.2.x, with public reports of exploitation. The root cause is unsanitized input passed to a shell/open call, allowing arbitrary comm...
CVE-2005-0116
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl...
CVE-2005-0116
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl...
AWStats awstats.pl configdir Parameter Arbitrary Command Execution
The remote host is running AWStats, a free logfile analysis tool for analyzing ftp, mail, web, ... traffic. The remote version of this software fails to sanitize user-supplied input to the 'configdir' parameter of the 'awstats.pl' script. An attacker may exploit this condition to execute commands...
AWStats 6.2 < 6.1 - configdir Command Injection (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...