Lucene search
UbuntuUSN-167-1HistoryAug 12, 2005 - 12:00 a.m.
AWStats vulnerability
2005-08-1200:00:00
ubuntu.com
30
Releases
- Ubuntu 5.04
Details
Peter Vreugdenhil discovered a command injection vulnerability in
AWStats. As part of the statistics reporting function, AWStats
displays information about the most common referrer values that caused
users to visit the website. Referer URLs could be crafted in a way
that they contained arbitrary Perl code which would have been executed
with the privileges of the web server as soon as some user visited the
referrer statistics page.
References
Related
nessus
nessus
FreeBSD : awstats -- arbitrary code execution vulnerability (e86fbb5f-0d04-11da-bc08-0001020eed82)
2006-05-13 00:00:00
Debian DSA-892-1 : awstats - missing input sanitising
2006-10-14 00:00:00
AWStats Referrer Header Arbitrary Command Execution
2005-08-10 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200508-07 (awstats)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200508-07 (awstats)
2008-09-24 00:00:00
Debian Security Advisory DSA 892-1 (awstats)
2008-01-17 00:00:00
gentoo
gentoo
AWStats: Arbitrary code execution using malicious Referrer information
2005-08-16 00:00:00
debian
debian
[SECURITY] [DSA 892-1] New awstats packages fix arbitrary command execution
2005-11-10 06:10:33
[SECURITY] [DSA 892-1] New awstats packages fix arbitrary command execution
2005-11-10 00:00:00
ubuntucve
ubuntucve
CVE-2005-1527
2005-08-15 00:00:00
cve
cve
CVE-2005-1527
2005-08-15 04:00:00
debiancve
debiancve
CVE-2005-1527
2005-08-15 04:00:00
cvelist
cvelist
CVE-2005-1527
2005-08-15 04:00:00
freebsd
freebsd
awstats -- arbitrary code execution vulnerability
2005-08-09 00:00:00
securityvulns
securityvulns