Tuesday, May 30, 2006

AW Stats Vulnerability

Once more, we are confronted with the fact that any point in a system can become a weak point if not managed properly. This time, danger stems from a tool seemingly as harmless, but also as essential, as a log file analyzer and web statistics generator.

The vulnerable product is AWStats 6.5 (and prior versions), a well-known log file analyzer for generation of web, streaming, ftp or mail server access statistics, graphically.

This vulnerability could be used by an attacker to bypass security restrictions and run commands on the affected system.

The flaw is caused by incorrect input validation in the "awstats.pl"script, which cannot validate parameters "configdir" and "config" before being used to load a configuration file.

This could be exploited by an attacker to upload an arbitrary file to inject and run arbitrary shellc ommands through the "LogFile" configuration directive.

More information about this flaw is available at: http://www.frsirt.com/english/advisories/2006/1998

Links to this post:

Create a Link

<< Home