Описание
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-2237
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26287
- https://usn.ubuntu.com/285-1
- http://awstats.sourceforge.net/awstats_security_news.php
- http://secunia.com/advisories/19969
- http://secunia.com/advisories/20170
- http://secunia.com/advisories/20186
- http://secunia.com/advisories/20496
- http://secunia.com/advisories/20710
- http://security.gentoo.org/glsa/glsa-200606-06.xml
- http://www.debian.org/security/2006/dsa-1058
- http://www.novell.com/linux/security/advisories/2006_33_awstats.html
- http://www.osreviews.net/reviews/comm/awstats
- http://www.osvdb.org/25284
- http://www.securityfocus.com/bid/17844
- http://www.vupen.com/english/advisories/2006/1678
- http://www.vuxml.org/freebsd/2df297a2-dc74-11da-a22b-000c6ec775d9.html
EPSS
CVE ID
Связанные уязвимости
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
The web interface for AWStats 6.4 and 6.5, when statistics updates are ...
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS