This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote web server contains a CGI script that allows execution of
The remote host is running AWStats, a free logfile analysis tool for
analyzing ftp, mail, web, ... traffic.
The remote version of this software fails to sanitize user-supplied
input to the 'configdir' parameter of the 'awstats.pl' script. An
attacker may exploit this condition to execute commands remotely or
disclose contents of files, subject to the privileges under which the
web server operates.
See also :
Upgrade to AWStats version 6.3 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.9
Public Exploit Available : true