[Pkg-awstats-devel] Bug#364443: Vulnerability exists also with the 'diricons' parameter

Hendrik Weimer hendrik at enyo.de
Wed May 3 17:11:25 UTC 2006

Previous message: [Pkg-awstats-devel] Bug#365910: marked as done (AWStats: Malicious config file shell code injection)
Next message: Bug#364443: [Pkg-awstats-devel] Bug#364443: Vulnerability exists also with the 'diricons' parameter
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

as mentioned in http://www.osreviews.net/reviews/comm/awstats, the
same type of XSS vulnerability also exists with the 'diricons'
parameter. In this case, Debian is affected, too.

Hendrik

Previous message: [Pkg-awstats-devel] Bug#365910: marked as done (AWStats: Malicious config file shell code injection)
Next message: Bug#364443: [Pkg-awstats-devel] Bug#364443: Vulnerability exists also with the 'diricons' parameter
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Pkg-awstats-devel mailing list