Summary
This host is running AWStats Totals and is prone to a remote command execution vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary PHP commands by supplying a specially crafted 'sort' parameter.
Impact Level: Application
Solution
Upgrade to AWStats Totals version 1.15 or later.
For updates refer to http://www.telartis.nl/xcms/awstats/
Insight
The flaw is caused by improper validation of user-supplied input passed via the 'sort' parameter to the 'multisort()' function, which allows attackers to execute arbitrary PHP code.
Affected
AWStats Totals versions 1.14 and prior.
References
Severity
CVSS Base Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Classification
CVE: CVE-2008-3922