August 16, 2005
Arbitrary Code Execution Vulnerability in Awstats 6.4
There is a new vulnerability in Awstats 6.4; a detailed explanation is here. The new development version 6.5 has addressed this issue, but it is not available in ports yet. Awstats 6.4 has been marked forbidden in ports, so "make install" displays the following message, which is different from the portaudit error:
===> awstats-6.4 is forbidden: http://vuxml.FreeBSD.org/e86fbb5f-0d04-11da-bc08-0001020eed82.html.
I deinstalled Awstats and cleaned up the files and related Apache configuration. The Awstats installation is a little messed up on my server: I started using it with version 6.1, which needed a manual copy, and version 6.4 seemed to automate it, which ended with two copies on my server. But now I think I might be mistaken - ports shouldn't be so dumb, and it's very possible that I missed something when I installed 6.1. Anyway, the domain configuration files are located in a different folder, /etc/awstats, and are not affected, so it will be very easy to install the soon-to-be-released version: a "make install" and an optional directory protection should be enough.
Category : Security
Posted by FreeBSD Newbie at August 16, 2005 12:35 PM
