FreeBSD : awstats -- arbitrary code execution vulnerability (e86fbb5f-0d04-11da-bc08-0001020eed82)

Medium Nessus Plugin ID 21528


The remote FreeBSD host is missing a security-related update.


An iDEFENSE Security Advisory reports :

Remote exploitation of an input validation vulnerability in AWStats allows remote attackers to execute arbitrary commands.

The problem specifically exists because of insufficient input filtering before passing user-supplied data to an eval() function. As part of the statistics reporting function, AWStats displays information about the most common referrer values that caused users to visit the website. The referrer data is used without proper sanitation in an eval() statement, resulting in the execution of arbitrary perl code.

Successful exploitation results in the execution of arbitrary commands with permissions of the web service. Exploitation will not occur until the stats page has been regenerated with the tainted referrer values from the http access log. Note that AWStats is only vulnerable in situations where at least one URLPlugin is enabled.


Update the affected package.

See Also

Plugin Details

Severity: Medium

ID: 21528

File Name: freebsd_pkg_e86fbb5f0d0411dabc080001020eed82.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2006/05/13

Modified: 2013/06/22

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:awstats, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2005/08/14

Vulnerability Publication Date: 2005/08/09

Reference Information

CVE: CVE-2005-1527