Short Name |
HTTP:CGI:AWSTATS |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
AwStat: Malicious Activity |
Release Date |
2005/02/28 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Awstat module, a Perl module used to provide server usage statistics. Awstat 6.1 and some versions earlier than 6.3 are vulnerable. Attackers can use malicious command injections to execute arbitrary code with Web server privileges.
AWStats is reported prone to a remote arbitrary-command-execution vulnerability because the software fails to sufficiently sanitize user-supplied data. An attacker can prefix arbitrary commands with the '|' character and have them execute in the context of the server through a URI parameter. This issue was originally specified in BID 12270 (AWStats Multiple Unspecified Remote Input Validation Vulnerabilities). Due to the availability of further details, it is being assigned a new BID.