Re: Awstats vulnerability

From: Jon <jonr@destar.net>
Date: Wed Feb 16 2005 - 13:53:09 AKST

Well, since I use awstats but it is version 6.3 I thought I would pass
this little info along in case anybody else uses it and doesn't want to
update:

The full text can be found here:

http://lists.netsys.com/pipermail/full-disclosure/2005-January/031002.html

> IV. DETECTION
>
> iDEFENSE has confirmed that AWStats version 6.1 is vulnerable.
> It is suspected that earlier versions are also vulnerable.
>
> V. WORKAROUND
>
> Add a filter around the "configdir" parameter by replacing the following
> line:
>
> if ($QueryString =~ /configdir=([^&]+)/i)
> {
> $DirConfig=&DecodeEncodedString("$1");
> }
>
> With:
>
> if ($QueryString =~ /configdir=([^&]+)/i)
> {
> $DirConfig=&DecodeEncodedString("$1");
> $DirConfig=~tr/a-z0-9_\-\/\./a-z0-9_\-\/\./cd;
> }
>
> VI. VENDOR RESPONSE
>
> This vulnerability is addressed in AWStats 6.3, available for download
> at:
>
> http://awstats.sourceforge.net/#DOWNLOAD

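Below is an added illustration of what the quoted workaround does, written here in Python rather than taken from the advisory or from AWStats itself. The `tr/a-z0-9_\-\/\./a-z0-9_\-\/\./cd` line is a character allowlist: with the `c` (complement) and `d` (delete) flags, every character outside `a-z`, `0-9`, `_`, `-`, `/` and `.` is removed from the decoded `configdir` value. The `decode_encoded_string` stand-in assumes percent-decoding, which is an assumption about AWStats' `DecodeEncodedString`; the query strings are constructed for the example. Two things the example makes visible that the advisory text does not spell out: uppercase letters are also deleted (so a config directory with capitals in its name is mangled), and `.` and `/` are still allowed, so this is a metacharacter strip, not path validation, which is why the vendor response points at upgrading to 6.3.

```python
import re
from urllib.parse import unquote

# Allowed characters, mirroring the advisory's Perl tr/.../.../cd set.
# Note: only lowercase letters are listed, exactly as in the workaround.
ALLOWED = set("abcdefghijklmnopqrstuvwxyz0123456789_-/.")


def decode_encoded_string(value: str) -> str:
    """Stand-in for AWStats' DecodeEncodedString (assumed: percent-decoding)."""
    return unquote(value)


def filter_configdir(value: str) -> str:
    """Python equivalent of:  $DirConfig =~ tr/a-z0-9_\\-\\/\\./a-z0-9_\\-\\/\\./cd;

    'c' complements the set, 'd' deletes matches, so every character that is
    NOT in ALLOWED is dropped and the rest is kept in order.
    """
    return "".join(ch for ch in value if ch in ALLOWED)


def extract_dirconfig(query_string: str, apply_filter: bool = True):
    """Mirror the advisory's before/after snippet.

    apply_filter=False reproduces the original (vulnerable) extraction;
    apply_filter=True reproduces the workaround with the tr/// allowlist.
    Returns None when no configdir parameter is present.
    """
    match = re.search(r"configdir=([^&]+)", query_string, re.IGNORECASE)
    if not match:
        return None
    dir_config = decode_encoded_string(match.group(1))
    if apply_filter:
        dir_config = filter_configdir(dir_config)
    return dir_config


if __name__ == "__main__":
    # Constructed sample query strings, not real requests.
    samples = [
        "configdir=/etc/awstats&output=main",   # ordinary value, passes unchanged
        "CONFIGDIR=conf%20dir%3B%7C&output=main",  # space, ';' and '|' stripped
        "configdir=/Etc/AwStats",               # uppercase is deleted too
        "configdir=../../somewhere",            # '.' and '/' survive the filter
    ]
    for qs in samples:
        print(f"{qs!r:45} before={extract_dirconfig(qs, False)!r:20} "
              f"after={extract_dirconfig(qs)!r}")
```

Run it as a script to see the before/after values side by side; the second sample shows the shell metacharacters the filter removes, the third shows the uppercase side effect, and the fourth shows that traversal-style characters are not what this line addresses.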
Received on Wed Feb 16 13:53:27 2005

This archive was generated by hypermail 2.1.8 : Wed Feb 16 2005 - 13:53:27 AKST