Full Disclosure mailing list archives
New awstats.pl vulnerability?
From: Lamar Spells <lamar.spells () gmail com>
Date: Mon, 12 Dec 2011 19:30:26 -0500
For the past several days, I have been seeing thousands of requests looking for awstats.pl like this one:

GET /awstats/awstats.pl ? configdir=|echo;echo YYYAAZ;uname;id;echo YYY;echo|

I am dropping these requests due to previous (and very old) issues with awstats (see CVE-2006-3682). But this leaves me wondering if there is a new vuln lurking here somewhere.

Anyone else seeing the same thing?

Regards,
Lamar Spells
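A log check for the request pattern quoted in the message above, as an added example that is not part of the original post. It assumes Apache combined-log style lines; the sample lines, client addresses and function names are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample lines in Apache combined-log style (assumed layout);
# client addresses come from documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Dec/2011:19:01:02 -0500] "GET /awstats/awstats.pl?configdir=|echo;echo%20YYYAAZ;uname;id;echo%20YYY;echo| HTTP/1.1" 403 211
192.0.2.10 - - [12/Dec/2011:19:01:03 -0500] "GET /cgi-bin/awstats.pl?configdir=%7Cecho%3Bid%3Becho%7C HTTP/1.1" 404 209
198.51.100.7 - - [12/Dec/2011:19:02:10 -0500] "GET /awstats/awstats.pl?config=example.org HTTP/1.1" 200 5120
198.51.100.7 - - [12/Dec/2011:19:02:11 -0500] "GET /index.html HTTP/1.1" 200 1043
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (.*) HTTP/[\d.]+" (\d{3}) ')
# Characters that have no place in a directory path passed as configdir.
SHELL_META = set("|;`$&<>")

def suspicious_configdir(target):
    """Return the decoded configdir value if it contains shell metacharacters."""
    _, _, query = target.partition("?")
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        if unquote_plus(name).strip().lower() == "configdir":
            decoded = unquote_plus(value)  # decode first so %7C is seen as |
            if SHELL_META & set(decoded):
                return decoded
    return None

def scan(log_text):
    """Return (list of hits, hit count per client) for a block of log lines."""
    hits, per_client = [], Counter()
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the assumed layout
        client, _method, target, status = m.groups()
        value = suspicious_configdir(target)
        if value is not None:
            hits.append((client, int(status), value))
            per_client[client] += 1
    return hits, per_client

if __name__ == "__main__":
    hits, per_client = scan(SAMPLE_LOG)
    for client, status, value in hits:
        print(f"{client} status={status} configdir={value!r}")
    print(per_client.most_common())
```

The status code in each hit shows whether the request was actually refused; a hit answered with 200 is the one to look at first.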
Current thread:
- New awstats.pl vulnerability? Lamar Spells (Dec 12)
- Re: New awstats.pl vulnerability? Grandma Eubanks (Dec 12)
- Re: New awstats.pl vulnerability? Bruce Ediger (Dec 12)
- Re: New awstats.pl vulnerability? Nikolay Kichukov (Dec 12)
- Re: New awstats.pl vulnerability? Lamar Spells (Dec 13)
- Re: New awstats.pl vulnerability? Lamar Spells (Dec 16)
- Re: New awstats.pl vulnerability? Lamar Spells (Dec 22)
- Re: New awstats.pl vulnerability? james (Dec 22)
- Re: New awstats.pl vulnerability? xD 0x41 (Dec 23)
- Re: New awstats.pl vulnerability? Nikolay Kichukov (Dec 12)