Users can download version 6.3, which corrects the error and removes the vulnerability, here.

By using an error in the program's input validation routine, a user can execute arbitrary commands on the server, effectively giving full access to the machine. The vulnerability, known as the AWStats configdir Remote Command Execution Exploit, was first disclosed on Jan. An attacker may exploit this condition to execute commands remotely or disclose contents of files, subject to the privileges under which the web server operates.

The PhpBB team later posted a short message on the site denouncing the group's actions, adding that "at present is offline due to a group of politically motivated hackers wishing to use an open-source project to push their agenda … shame on them."

The remote version of this software fails to sanitize user-supplied input to the 'configdir' parameter of the '' script. AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to to upload a configuration file whose name contains shell metacharacters, then access that file using the LogFile directive.

A group apparently from Brazil and calling itself "The Simians Crew" used the vulnerability to deface the PhpBB site with political messages, including a picture of U.S. Bush's head superimposed on the body of a monkey. One of the sites compromised by the issue was, home of the popular Web forum software PhpBB. The vulnerability, which affects versions of AWStats up to and including 6.2, allows the execution of arbitrary commands on a server, effectively giving malicious hackers complete control over the machine.
In a posting on the Weblog on Tuesday, virus analysts from Kaspersky Lab warned that they had seen "vast numbers" of sites compromised using a vulnerability in AWStats, a free tool for generating graphical statistics for Web sites.

AWStats 6.95 and Older Remote Command Execution When Installed on Windows Apache Tomcat. SUMMARY AND IMPACT: AWStats is vulnerable to remote command execution when installed on Apache Tomcat on Microsoft Windows operating systems.

iDEFENSE has confirmed that AWStats versions 6.1 and 6.2 are vulnerable. This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats CGI script.

A leading anti-virus and security company has advised users of a popular Web stats logging application to update to the latest version of the software after seeing an increasing number of attempts to use a known bug to compromise servers.

AWStats configdir Remote Command Execution Posted Authored by Matteo Cantoni.