AWStats Multiple Remote Vulnerabilities (Cmd Exec, Traversal, ID)

This script is Copyright (C) 2005-2012 Tenable Network Security, Inc.


Synopsis :

The remote host contains a CGI script that is affected by multiple
issues.

Description :

The remote host is running AWStats, a free logfile analysis tool for
analyzing FTP, mail, web, ... traffic.

The remote version of this software is prone to a command execution flaw
as well as an information disclosure vulnerability. An attacker may
exploit these issues to obtain more information about the setup of the
remote host or to execute arbitrary commands with the privileges of the
web server.

Solution :

Unknown at this time.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.5
(CVSS2#E:H/RL:U/RC:ND)
Public Exploit Available : true

Family: CGI abuses

Nessus Plugin ID: 16456 (awstats_debug_output.nasl)

Bugtraq ID: 12545, 12543, 12572

CVE ID: CVE-2005-0436, CVE-2005-0437, CVE-2005-0438