Lucene search

[email protected]NVD:CVE-2006-2237

HistoryMay 08, 2006 - 11:02 p.m.

CVE-2006-2237

2006-05-0823:02:00

[email protected]

web.nvd.nist.gov

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.955

Percentile

99.4%

JSON

The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.

Affected configurations

Nvd

Node

awstatsawstatsMatch6.4

awstatsawstatsMatch6.5

References

awstats.sourceforge.net/awstats_security_news.php

secunia.com/advisories/19969

secunia.com/advisories/20170

secunia.com/advisories/20186

secunia.com/advisories/20496

secunia.com/advisories/20710

security.gentoo.org/glsa/glsa-200606-06.xml

www.debian.org/security/2006/dsa-1058

www.novell.com/linux/security/advisories/2006_33_awstats.html

www.osreviews.net/reviews/comm/awstats

www.osvdb.org/25284

www.securityfocus.com/bid/17844

www.vupen.com/english/advisories/2006/1678

www.vuxml.org/freebsd/2df297a2-dc74-11da-a22b-000c6ec775d9.html

exchange.xforce.ibmcloud.com/vulnerabilities/26287

usn.ubuntu.com/285-1/

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.955

Percentile

99.4%

JSON

Related for NVD:CVE-2006-2237

saint4 openvas4 debian2 packetstorm1 nessus6 exploitdb3 ubuntu1 debiancve1 prion1 metasploit1 ubuntucve1 cve1 osv1 cvelist1 seebug1 gentoo1 suse1