Package: awstats Version: 6.2-1 Severity: grave Justification: user security hole
As published by iDEFENSE: Remote exploitation of an input validation vulnerability in AWStats allows attackers to execute arbitrary commands under the privileges of the web server ... http://www.idefense.com/application/poi/display?id=185 Please check for a possible vulnerability in the Debian package of awstats. Regards, Daniel -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (850, 'unstable'), (700, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8.10041210 Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages awstats depends on: ii perl [libstorable-perl] 5.8.4-5 Larry Wall's Practical Extraction -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
