Summary
AWStats is prone to a path-disclosure vulnerability.
Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer.
The following are vulnerable:
AWStats 6.5 (build 1.857) and prior
WebGUI Runtime Environment 0.8.x and prior
See Also:
http://www.securityfocus.com/bid/34159
Severity
Classification
-
CVE CVE-2006-3682 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe ColdFusion HTTP Response Splitting Vulnerability
- Advantech WebAccess Multiple Stack Based Buffer Overflow Vulnerabilities
- Apache Tomcat source.jsp malformed request information disclosure
- Apache Archiva Multiple Vulnerabilities
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability