Awstats Configuration File Remote Arbitrary Command Execution Vulnerability

Awstats is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to execute arbitrary shell commands in the context of the webserver process. This may help attackers compromise the underlying system; other attacks are also possible.


 

Privacy Statement
Copyright 2010, SecurityFocus