AWStats Rawlog Plugin Logfile Parameter Arbitrary Command Execution

High Nessus Network Monitor Plugin ID 1728

Synopsis

The remote host is running AWStats, a CGI log analyzer that generates statistic reports based on HTTP, SMTP or FTP logs.

Description

The remote host is running AWStats, a CGI log analyzer that generates statistic reports based on HTTP, SMTP or FTP logs. AWStats Rawlog Plugin is reported prone to an input validation vulnerability. A remote attacker may supply shell metacharacters and commands as a value for the 'logfile' URI parameter. These commands and metacharacters will be processed by the underlying shell, resulting in the execution of commands in the context of the hosting web server.

Solution

Upgrade or patch according to vendor recommendations.

Plugin Details

Severity: High

ID: 1728

Family: Web Servers

Published: 2004/08/20

Modified: 2016/02/05

Dependencies: 1442

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.6

Temporal Score: 6.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.7

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Reference Information

BID: 10950