Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: AWStats <= 6.4 Multiple vulnerabilities - can't reproduce in 6.3?
Feb 16 2005 07:45AM
K-OTiK Security (Special-Alerts k-otik com)
In-Reply-To: <42126DAD.7090704 (at) norwich (dot) edu [email concealed]>
6.4 was released on 2005-02-14 13:13
- Fix security hole that allowed a user to read log file content even
when plugin rawlog was not enabled.
- Fix a possible use of AWStats for a DoS attack.
- configdir option was broken on windows servers.
[ more ]
Copyright 2010, SecurityFocus