security hole recently found in AWStats ⇒ News ⇒ CPG Dragonfly™ CMS

Security security hole recently found in AWStats

Posted by NanoCaiordo on (38248 views)
Warning, a security hole was recently found in AWStats versions from 5.0 to 6.2 when AWStats is used as a CGI: A remote user can execute arbitrary commands on your server using permissions of your web server user (in most cases user "nobody"). If you use AWStats with another version or is not available as a CGI, you are safe. If not, it is highly recommanded to upgrade to 6.4 version that fix all known security holes. info source

Comments

Reply Anonymous ( Login | Register )
Most read story about Security:
security hole recently found in AWStats
Article Rating
Average Score: 4
Votes: 1
★★★★
Please take a second and vote for this article:
User Info

Welcome Anonymous


(Register)
Community

Support for DragonflyCMS in a other languages:

Deutsch
Español
Mercurial Commits
· Bugfix: Account registration failed
· Bugfix: first compress data, then encrypt. As compression does not work on encrypted data.
· Added: JavaScript is_scalar() Added: \Poodle\TimeInterval Bugfix: JavaScript setCookie failed on numeric values Bugfix: TPL HTML input "checked" attribute Bugfix: \Poodle\Crypt\Asymmetric::createKeyPair() failed Change: TPL Parser now supports disable-output-escaping attribute everywhere Improved: templates HTML attribute parsing Removed: HTML command element
· Bugfix: revamp of TPL parser failed to check context attributes
· Bugfix: BBCode buttons failed to load some times.
· Cleanup more language strings
· Cleanup: more L10N data
· Disable: \Dragonfly\Page\Router as it has no management yet (Nano didn't finish the feature yet) Removed: footer.php debug code as the new JavaScript based debugger is more correct
· Bugfix: incorrect error "could not be found" in Dragonfly\Output\Js
· Bugfix: syntaxhighlight line-numbers broken due to box-sizing fix

read more...
All content of this website is copyrighted by the Creative Commons NC-SA
The logos and trademarks used on this site are the property of their respective owners
We are not responsible for comments posted by our users, as they are the property of the poster.
Our server runs on 2 × 2.4 Ghz @ 60% with 2048 MB RAM with no accelerators do not click
Interactive software released under GNU GPL, Code Credits, Privacy Policy