[users@httpd] Apache and AWstats exploit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <users@xxxxxxxxxxxxxxxx>
Subject: [users@httpd] Apache and AWstats exploit
From: "Bill Parker" <dogbert@xxxxxxxxxxxxx>
Date: Mon, 21 Mar 2005 20:14:12 -0800
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxx
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxxxx
Delivered-to: mailing list users@xxxxxxxxxxxxxxxx
Mailing-list: contact users-help@xxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: users@xxxxxxxxxxxxxxxx

Hi All,

In reading the list, I have noticed that people have been talking about the AWstats exploit. I had AWstats 6.2 installed (running 6.4 now), but the only people who can get ssh access to the box are tech types in our office, and I only run the awstats.pl --update and generate a static HTML page once a day with no links on the page to click on to update statistics remotely. Is this something that I should be worried about, or is a static HTML page for AWstats not expoitable?

Bill

Follow-Ups:
- Re: [users@httpd] Apache and AWstats exploit
  - From: Anthony G. Atkielski

Prev by Date: RE: [users@httpd] Ok Here we go Newb questions
Next by Date: Re: [users@httpd] Apache and AWstats exploit
Previous by thread: RE: [users@httpd] Ok Here we go Newb questions
Next by thread: Re: [users@httpd] Apache and AWstats exploit
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]