Security Basics mailing list archives
Re: GET //awstats.pl? in apache logs
From: highwaycode () securityfocus com, "[a]"@securityfocus.com, hotmail.com () securityfocus com
Date: 24 Oct 2005 12:23:59 -0000
Some versions of awstats had a vun which allowed command execution, I assume someone created a bot to test random DNS/IP addresses in the hope of finding a vulnerable server. Once found the bot would usually copy itself to the server and begin spreading. If you do not have awstats installed this is not something I would worry about, If you are worried about future threats try installing something like mod_security.
Current thread:
- GET //awstats.pl? in apache logs Konstantine (Oct 24)
- Re: GET //awstats.pl? in apache logs ilaiy (Oct 24)
- Re: GET //awstats.pl? in apache logs Andreas Constantinides (MegaHz) (Oct 24)
- Re: GET //awstats.pl? in apache logs FocusHacks (Oct 24)
- Re: GET //awstats.pl? in apache logs Can't dig that daddy (Oct 24)
- RE: GET //awstats.pl? in apache logs mail list (Oct 24)
- Message not available
- Fwd: GET //awstats.pl? in apache logs Tobias Hahn (Oct 25)
- RE: GET //awstats.pl? in apache logs mail list (Oct 24)
- Re: GET //awstats.pl? in apache logs S.A. Birl (Oct 24)
- Re: GET //awstats.pl? in apache logs Konstantine (Oct 25)
- <Possible follow-ups>
- Re: GET //awstats.pl? in apache logs [a] (Oct 24)