FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

awstats -- remote command execution vulnerability

Affected packages
awstats < 6.3

Details

VuXML ID 0f5a2b4d-694b-11d9-a9e7-0001020eed82
Discovery 2004-10-21
Entry 2005-01-18
Modified 2005-02-23

An iDEFENSE Security Advisory reports:

Remote exploitation of an input validation vulnerability in AWStats allows attackers to execute arbitrary commands under the privileges of the web server.

The problem specifically exists when the application is running as a CGI script on a web server. The "configdir" parameter contains unfiltered user-supplied data that is utilized in a call to the Perl routine open()...

Successful exploitation allows remote attackers to execute arbitrary commands under the privileges of the web server. This can lead to further compromise as it provides remote attackers with local access.

References

Bugtraq ID 12270
CERT/CC Vulnerability Note 272296
CVE Name CVE-2005-0116
Message FB24803D1DF2A34FA59FC157B77C970503C8B20C@idserv04.idef.com
URL http://awstats.sourceforge.net/docs/awstats_changelog.txt
URL http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities&flashstatus=false