AWStats.Remote.Command.Injection
Description
This indicates a possible exploit of a vulnerability in AWStats.
This flaw is due to an input validation error in the "awstats.pl" script, that fails to properly validate the "migrate" variable.
Affected Products
AWStats version 6.5 and prior
Impact
System compromise: the execution of arbitrary code on the system.
Recommended Actions
Upgrade to AWStats version 6.6 :
http://awstats.sourceforge.net/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |