Secunia Logo
Netsikker nu! 2008
 Vulnerability IntelligenceVulnerability ScanningBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Ubuntu update for awstats
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Ubuntu update for awstats
Secunia Advisory: SA22306
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2006-10-10
Popularity: 5,189 views

Critical:
Less critical
Impact: Cross Site Scripting
Exposure of system information
Where: From remote
Solution Status: Vendor Patch

OS:Ubuntu Linux 5.04
Ubuntu Linux 5.10
Ubuntu Linux 6.06
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2006-3681
CVE-2006-3682
Description:
Ubuntu has issued an update for awstats. This fixes some vulnerabilities, which can be exploited by malicious people to disclose system information and conduct cross-site scripting attacks.

For more information:
SA19725

Solution:
Apply updated packages.

-- Ubuntu 5.04 --

Source archives:

http://security.ubuntu.com/ubuntu/poo...wstats/awstats_6.3-1ubuntu0.4.diff.gz
Size/MD5: 27234 dfd36e862db2211270ccfcda1b9f4d3a
http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3-1ubuntu0.4.dsc
Size/MD5: 595 967d4b14c6a5bb7e2c69c3843d15eb0a
http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3.orig.tar.gz
Size/MD5: 938794 edb73007530a5800d53b9f1f90c88053

Architecture independent packages:

http://security.ubuntu.com/ubuntu/poo...wstats/awstats_6.3-1ubuntu0.4_all.deb
Size/MD5: 726704 52d471f9299e0bb5495c6e7db4fcc5fd

-- Ubuntu 5.10 --

Source archives:

http://security.ubuntu.com/ubuntu/poo...wstats/awstats_6.4-1ubuntu1.3.diff.gz
Size/MD5: 20294 23e7714e08623dd464a76b5d2618c9fa
http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4-1ubuntu1.3.dsc
Size/MD5: 595 e4ae507c9fc431a95b43fdc00f4a94e1
http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4.orig.tar.gz
Size/MD5: 918435 056e6fb0c7351b17fe5bbbe0aa1297b1

Architecture independent packages:

http://security.ubuntu.com/ubuntu/poo...wstats/awstats_6.4-1ubuntu1.3_all.deb
Size/MD5: 728744 ca061e390d9ed9056bb58e14bd8bbece

-- Ubuntu 6.06 LTS --

Source archives:

http://security.ubuntu.com/ubuntu/poo...wstats/awstats_6.5-1ubuntu1.2.diff.gz
Size/MD5: 20075 5bdc75b3b0ae69ee240430b254b529aa
http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.5-1ubuntu1.2.dsc
Size/MD5: 777 67d418d1283962b1955fffe465ed5d2e
http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.5.orig.tar.gz
Size/MD5: 1051780 aef00b2ff5c5413bd2a868299cabd69a

Architecture independent packages:

http://security.ubuntu.com/ubuntu/poo...wstats/awstats_6.5-1ubuntu1.2_all.deb
Size/MD5: 853276 6213e0f258c78ce25b73a1f7a0152f4e

Original Advisory:
http://www.ubuntu.com/usn/usn-360-1

Other References:
SA19725:
http://secunia.com/advisories/19725/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

13th Oct, 2008
New advisories: 19
New vulnerabilities: 31
Updated advisories: 28

Moderately // 211 views
My PHP Indexer "d" File Disclosure Vulnerability
Moderately // 199 views
NewLife Blogger "nlb3" SQL Injection Vulnerability
Moderately // 199 views
Ayco Okul "linkid" SQL Injection Vulnerability
Less // 202 views
ScriptsEz Mini Hosting Panel "dir" File Disclosure
Not // 254 views
WinFTP "PASV" Denial of Service Vulnerability
Moderately // 249 views
Real Estates Classifieds "cat" SQL Injection Vulnerability
Moderately // 323 views
Joomla Ignite Gallery Component "gallery" SQL Injection
Moderately // 284 views
Joomla Mad4Joomla Mailforms Component "jid" SQL Injection
Moderately // 245 views
MunzurSoft Wep Portal W3 "kat" SQL Injection Vulnerability
Moderately // 279 views
Joomla OwnBiblio Component "catid" SQL Injection

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. phpBB "url" bbcode Script Insertion Vulnerability // 31 views
2. My PHP Indexer "d" File Disclosure Vulnerability // 31 views
3. WinFTP "PASV" Denial of Service Vulnerability // 30 views
4. Joomla Ignite Gallery Component "gallery" SQL Injection // 29 views
5. Joomla Mad4Joomla Mailforms Component "jid" SQL Injection // 27 views
6. MunzurSoft Wep Portal W3 "kat" SQL Injection Vulnerability // 24 views
7. chm2pdf Insecure Temporary Directories // 24 views
8. phpBB BBcode "url" Script Insertion Vulnerability // 24 views
9. Ayco Okul "linkid" SQL Injection Vulnerability // 22 views
10. Real Estates Classifieds "cat" SQL Injection Vulnerability // 22 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008