AWStats Vulnerability!

Kipkip · Feb 10, 2005

If you are running AWStats version 6.2 or lower, please upgrade to 6.3. This vulnerability "..allows the execution of arbitrary commands on a server, effectively giving malicious hackers complete control over the machine." Some you may know that https://phpbb.com has been hacked using this expliot. It was not caused by phpbb so as long as you have phpbb 2.0.11, you're good. But if you are running AWStats 6.2 or lower, upgrade now.

Source:
https://www.eweek.com/article2/0,1759,1763152,00.asp
https://phpbb.com/

Imakuni? · Feb 10, 2005

Fortunatly, I dunped phpBB...
Switch to vB, save your server...

Kipkip · Feb 10, 2005

Imakuni? said:
Fortunatly, I dunped phpBB...
Switch to vB, save your server...

It is not phpbb's fault. You could use vB(worse in my opinion. Not free, not open-sourced?!?! :shocked: ) or absoulty no forum software at all and you can still be vulnerable if you use AWStats with the version 6.2 or lower.

Imakuni? · Feb 10, 2005

oh, so its a phpBB addon?

HellishHades · Feb 10, 2005

Imakuni? said:
oh, so its a phpBB addon?

No. AWStats allows you to view visitors to your site, where other sites link to yours, et cetera.

Kipkip · Feb 11, 2005

Imakuni? said:
oh, so its a phpBB addon?

It's a stat system like HellishHades said. It's usually in the CPanel under stats or at least that's where mine is.

Imakuni? · Feb 11, 2005

oh.
*never goes into cPanel except for db's*

PD Wooper · Feb 13, 2005

Gaah. *kills poweb*
https://pokeden.com/webstats

Geometric-sama · Feb 23, 2005

This goes in General. *moved

AWStats Vulnerability!

More options

Kipkip

Join the Revolution

Imakuni?

Kipkip

Join the Revolution

Imakuni?

HellishHades

Pure Evil

Kipkip

Join the Revolution

Imakuni?

PD Wooper

.: υвεʀ ωοορεʀ :.

Geometric-sama

The Manly Man of Steel