CVE-2005-0362

Published: Feb 9, 2005Modified: Apr 16, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.

Affected (14)

Products: Awstats: Awstats

Awstats

1 product

Awstats

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Awstats Awstats	Version 4.0
Awstats Awstats	Version 5.0
Awstats Awstats	Version 5.1
Awstats Awstats	Version 5.2
Awstats Awstats	Version 5.3
Awstats Awstats	Version 5.4
Awstats Awstats	Version 5.5
Awstats Awstats	Version 5.7
Awstats Awstats	Version 5.8
Awstats Awstats	Version 5.9
Awstats Awstats	Version 6.0
Awstats Awstats	Version 6.1
Awstats Awstats	Version 6.2
Awstats Awstats	Version 6.3

References (4)

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=294488

Source: security@debian.org

Vendor Advisory

http://www.osvdb.org/16089

Source: security@debian.org

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=294488

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/16089

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.