FreeBSD : awstats -- remote command execution vulnerability (0f5a2b4d-694b-11d9-a9e7-0001020eed82)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

An iDEFENSE Security Advisory reports :

Remote exploitation of an input validation vulnerability in AWStats
allows attackers to execute arbitrary commands under the privileges of
the web server.

The problem specifically exists when the application is running as a
CGI script on a web server. The 'configdir' parameter contains
unfiltered user-supplied data that is utilized in a call to the Perl
routine open()...

Successful exploitation allows remote attackers to execute arbitrary
commands under the privileges of the web server. This can lead to
further compromise as it provides remote attackers with local access.

See also :

http://marc.info/?l=full-disclosure&m=110600949323439
http://awstats.sourceforge.net/docs/awstats_changelog.txt
http://www.nessus.org/u?020e4b8e
http://www.nessus.org/u?b1e8d5be

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18840 (freebsd_pkg_0f5a2b4d694b11d9a9e70001020eed82.nasl)

Bugtraq ID: 12270

CVE ID: CVE-2005-0116

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now