3 matches found
AWStats Plugin Multiple Remote Command Execution (CVE-2005-0363)
A command execution vulnerability has been reported in AWStats. The vulnerability is due to failing of AWStats CGI script to properly sanitize user provided parameters. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the target system...
FreeBSD Ports: awstats
The remote host is missing an update to the system as announced in the referenced advisory. VID fdad8a87-7f94-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
CVE-2005-0363
AWStats CVE-2005-0363 affects awstats.pl in AWStats 4.0 and 6.2, where insufficient input sanitization allows remote attackers to execute arbitrary shell commands via shell metacharacters in the config parameter. The issue enables remote, unauthenticated command execution with web server privileg...