> Source: http://www.osreviews.net/reviews/comm/awstats
>
> | Arbitrary code can be executed by uploading a specially crafted
> | configuration file if an attacker can put a file on the server with
> | chosen file name and content (e.g. by using an FTP account on a
> | shared hosting server). In this configuration file, the LogFile
> | directive can be used to execute shell code following a pipe
> | character. As above, an open call on unsanitized input is the source
> | of this vulnerability.
Thank you, Hendrik, for passing along this information. In this case, this report doesn't appear to be an actual security vulnerability. The configuration file needs to be placed in /etc/awstats, /usr/local/etc/awstats, /etc, or /etc/opt/awstats. This cannot be done without having root access (nor can the current configuration files be modified without root access). Someone with root permissions can already execute shell code with broader permissions than the webserver, so this "attack" seems like a non-issue to me.

cheers,
Charles

-- 
Hit 'em high
Hit 'em low
It's action rooters crave
Millions boast -- millions toast
The All-American shave
Burma-Shave
http://burma-shave.org/jingles/1933/hit_em_high2
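As an added example (not part of this thread and not AWStats code), a small audit script that follows both messages: it reports LogFile directives written in the pipe form and checks that the config files in the directories Charles lists are root-owned and not writable by anyone else. The sample config text is constructed, and the script assumes the usual awstats*.conf file naming.

```python
import os
import re

# Constructed sample awstats config text (not taken from any real deployment).
SAMPLE_CONF = 'LogFile="/var/log/httpd/access_log"\nLogFormat=1\nSiteDomain="www.example.org"\n'
SAMPLE_PIPED_CONF = 'LogFile="gzip -d </var/log/httpd/access_log.gz |"\n'

# The directories the reply names as where an AWStats config file must live.
CONFIG_DIRS = ("/etc/awstats", "/usr/local/etc/awstats", "/etc", "/etc/opt/awstats")

DIRECTIVE_RE = re.compile(r'^\s*(\w+)\s*=\s*"?([^"#]*)"?\s*(?:#.*)?$')

def find_piped_logfiles(conf_text):
    """Return (line_number, value) for each LogFile directive whose value contains '|'.
    AWStats hands LogFile to Perl's open(), where a leading or trailing pipe turns the
    value into a command; the pipe form is also used to feed decompressed logs, so a
    hit is something to review rather than proof of abuse."""
    hits = []
    for n, line in enumerate(conf_text.splitlines(), 1):
        m = DIRECTIVE_RE.match(line)
        if m and m.group(1) == "LogFile" and "|" in m.group(2):
            hits.append((n, m.group(2).strip()))
    return hits

def config_file_is_protected(mode, uid):
    """True if the file is root-owned and neither group- nor world-writable, i.e.
    only root can plant or alter it, which is the premise of the reply above."""
    return uid == 0 and not (mode & 0o022)

def audit_config_dirs(dirs=CONFIG_DIRS):
    """Audit every awstats*.conf in the given dirs; returns (path, finding) pairs.
    Assumes the common awstats*.conf naming (an assumption, not an AWStats rule)."""
    findings = []
    for d in dirs:
        if not os.path.isdir(d):
            continue
        for name in sorted(os.listdir(d)):
            path = os.path.join(d, name)
            if not (name.startswith("awstats") and name.endswith(".conf")
                    and os.path.isfile(path)):
                continue
            st = os.stat(path)
            if not config_file_is_protected(st.st_mode, st.st_uid):
                findings.append((path, "writable by a non-root user"))
            with open(path, encoding="utf-8", errors="replace") as fh:
                for n, value in find_piped_logfiles(fh.read()):
                    findings.append((path, f"line {n}: LogFile uses a pipe: {value}"))
    return findings
```

Run `audit_config_dirs()` as root on a host to list findings for the real config directories; the two sample strings exercise the parser offline.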