Bill Parker writes: > In reading the list, I have noticed that people have been talking > about the AWstats exploit. I had AWstats 6.2 installed (running 6.4 > now), but the only people who can get ssh access to the box are tech > types in our office, and I only run the awstats.pl --update and > generate a static HTML page once a day with no links on the page to > click on to update statistics remotely. Is this something that I > should be worried about, or is a static HTML page for AWstats not > expoitable? Static pages are safe. -- Anthony --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|