Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.50 views

openSUSE 10 Security Update : awstats (awstats-1612)

This update fixes remote code execution vulnerabilities in awstats. Since backporting awstats fixes is error prone we have upgraded it to upstream version 6.6, which also includes new features. Security issues fixed: - CVE-2006-2237: missing sanitizing of the 'migrate' parameter. 173041 -...

5.1CVSS6.3AI score0.58356EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.25 views

SUSE-SA:2006:033: awstats

The remote host is missing the patch for the advisory SUSE-SA:2006:033 awstats. This update fixes remote code execution vulnerabilities in the WWW statistical analyzer awstats. Since back porting awstats fixes is error prone we have upgraded it to upstream version 6.6 which also includes new...

5.1CVSS6.3AI score0.58356EPSS
Exploits10
OSV
OSV
added 2006/05/30 10:2 a.m.6 views

CVE-2006-2644

AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to awstats.pl to upload a configuration file whose name contains shell metacharacters, then access that file using the LogFile directive...

7.2AI score
Exploits0References12
CVE
CVE
added 2006/05/30 10:0 a.m.72 views

CVE-2006-2644

AWStats CVE-2006-2644 affects AWStats 6.5 (and possibly other versions) via the configdir parameter in awstats.pl. The root cause is lack of sanitization for the configdir parameter, allowing a remote authenticated user to upload a configuration file with shell metacharacters and then access it t...

4CVSS7.2AI score0.02712EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder