ID de Prueba:	1.3.6.1.4.1.25623.1.0.55090
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200508-07 (awstats)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200508-07.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200508-07. Vulnerability Insight: AWStats fails to validate certain log input, which could lead to the execution of arbitrary Perl code during the generation of the statistics. Solution: All AWStats users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-www/awstats-6.5' Note: Users with the vhosts USE flag set should manually use webapp-config to finalize the update. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1527 BugTraq ID: 14525 http://www.securityfocus.com/bid/14525 Debian Security Information: DSA-892 (Google Search) http://www.debian.org/security/2005/dsa-892 http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities&flashstatus=false http://www.securiteam.com/unixfocus/5DP0J00GKE.html http://www.osvdb.org/18696 http://securitytracker.com/id?1014636 http://secunia.com/advisories/16412 http://secunia.com/advisories/17463 SuSE Security Announcement: SUSE-SR:2005:019 (Google Search) http://www.novell.com/linux/security/advisories/2005_19_sr.html https://usn.ubuntu.com/167-1/ XForce ISS Database: awstats-eval-execute-commands(21769) https://exchange.xforce.ibmcloud.com/vulnerabilities/21769
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.