Lucene search
SuseSUSE-SA:2006:033HistoryJun 20, 2006 - 9:02 a.m.
remote code execution in awstats
2006-06-2009:02:21
lists.opensuse.org
14
0.955 High
EPSS
Percentile
99.4%
This update fixes remote code execution vulnerabilities in the WWW statistical analyzer awstats.
Solution
Please install the update packages. Some workarounds are: - Deinstall awstats if you do not need it. - Protect the awstats CGI by normal web access protection methods so that only authorized users can access it.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 9.1 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
| openSUSE | 10.1 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
| openSUSE | 9.3 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
| openSUSE | 9.2 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
| openSUSE | 10.0 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
Related
nessus
nessus
openSUSE 10 Security Update : awstats (awstats-1612)
2007-10-17 00:00:00
SUSE-SA:2006:033: awstats
2007-02-18 00:00:00
Debian DSA-1075-1 : awstats - programming error
2006-10-14 00:00:00
ubuntucve
ubuntucve
CVE-2006-2644
2006-05-30 00:00:00
CVE-2006-2237
2006-05-08 00:00:00
openvas
openvas
Debian Security Advisory DSA 1075-1 (awstats)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-290-1)
2022-08-26 00:00:00
Debian Security Advisory DSA 1058-1 (awstats)
2008-01-17 00:00:00
prion
prion
Default configuration
2006-05-30 10:02:00
Code injection
2006-05-08 23:02:00
ubuntu
ubuntu
awstats vulnerability
2006-06-08 00:00:00
awstats vulnerability
2006-05-23 00:00:00
debiancve
debiancve
CVE-2006-2644
2006-05-30 10:02:00
CVE-2006-2237
2006-05-08 23:02:00
cve
cve
CVE-2006-2644
2006-05-30 10:02:00
CVE-2006-2237
2006-05-08 23:02:00
cvelist
cvelist
CVE-2006-2644
2006-05-30 10:00:00
CVE-2006-2237
2006-05-08 23:00:00
nvd
nvd
CVE-2006-2644
2006-05-30 10:02:00
CVE-2006-2237
2006-05-08 23:02:00
saint
saint
AWStats migrate parameter command injection
2006-05-11 00:00:00
AWStats migrate parameter command injection
2006-05-11 00:00:00
AWStats migrate parameter command injection
2006-05-11 00:00:00
debian
debian
[SECURITY] [DSA 1058-1] New awstats packages fix arbitrary command execution
2006-05-18 16:28:08
[SECURITY] [DSA 1058-1] New awstats packages fix arbitrary command execution
2006-05-18 16:28:08
packetstorm
packetstorm
AWStats migrate Remote Command Execution
2009-10-30 00:00:00
osv
osv
awstats - missing input sanitising
2006-05-18 00:00:00
gentoo
gentoo
AWStats: Remote execution of arbitrary code
2006-06-07 00:00:00