Download
| Alert*
oval:org.secpod.oval:def:113882
awstats is installed oval:org.secpod.oval:def:1082 AWStats is installed oval:org.secpod.oval:def:1085 The host is installed with AWStats and is prone to remote command execution vulnerability. A flaw is present in the application, which fails to avoid accepting a configdir parameter in the URL. Successful exploitation could allow remote attackers to execute arbitrary commands. oval:org.secpod.oval:def:1084 The host is installed with AWStats and is prone to remote command execution vulnerability. A flaw is present in the application, which fails to properly handle "\\" when specifying a configuration file directory. Successful exploitation could allow an attacker to specify an arbitrary configuration f ... oval:org.secpod.oval:def:2000117 A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters. oval:org.secpod.oval:def:1083 The host is installed with AWStats and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to validate input. Successful exploitation could allow remote attackers to to have an unspecified impact via a crafted LoadPlugin directory. oval:org.secpod.oval:def:1800314 awstats is installed oval:org.secpod.oval:def:1800879 Two path traversal flaws in awstats in awstats 7.6 and earlier, that could be leveraged for unauthenticated remote code execution. oval:org.secpod.oval:def:72103 awstats: powerful and featureful web server log analyzer Several security issues were fixed in AWStats. oval:org.secpod.oval:def:703936 awstats is installed oval:org.secpod.oval:def:89475 awstats: powerful and featureful web server log analyzer AWStats could allow cross-site scripting attacks. oval:org.secpod.oval:def:124871 Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers su ... oval:org.secpod.oval:def:113891 Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers like Ap ... oval:org.secpod.oval:def:113881 Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers like Ap ... oval:org.secpod.oval:def:53232 The cPanel Security Team discovered that awstats, a log file analyzer, was vulnerable to path traversal attacks. A remote unauthenticated attacker could leverage that to perform arbitrary code execution. oval:org.secpod.oval:def:51965 awstats: powerful and featureful web server log analyzer AWStats could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:1800313 Two path traversal flaws in awstats in awstats 7.6 and earlier, that could be leveraged for unauthenticated remote code execution. oval:org.secpod.oval:def:603242 The cPanel Security Team discovered that awstats, a log file analyzer, was vulnerable to path traversal attacks. A remote unauthenticated attacker could leverage that to perform arbitrary code execution. oval:org.secpod.oval:def:706009 awstats: powerful and featureful web server log analyzer Several security issues were fixed in AWStats. oval:org.secpod.oval:def:703935 awstats: powerful and featureful web server log analyzer AWStats could be made to run programs if it received specially crafted network traffic. |