AWStats Vulnerability!

Kipkip

Join the Revolution
    • 967
    Posts
    21
    Years
    • Age 34
    • Seen Jun 24, 2007
    If you are running AWStats version 6.2 or lower, please upgrade to 6.3. This vulnerability "..allows the execution of arbitrary commands on a server, effectively giving malicious hackers complete control over the machine." Some you may know that https://phpbb.com has been hacked using this expliot. It was not caused by phpbb so as long as you have phpbb 2.0.11, you're good. But if you are running AWStats 6.2 or lower, upgrade now.

    Source:
    https://www.eweek.com/article2/0,1759,1763152,00.asp
    https://phpbb.com/
     
    Fortunatly, I dunped phpBB...
    Switch to vB, save your server...
     
    Imakuni? said:
    Fortunatly, I dunped phpBB...
    Switch to vB, save your server...
    Click to expand...
    It is not phpbb's fault. You could use vB(worse in my opinion. Not free, not open-sourced?!?! :shocked: ) or absoulty no forum software at all and you can still be vulnerable if you use AWStats with the version 6.2 or lower.
     
    Imakuni? said:
    oh, so its a phpBB addon?
    Click to expand...

    No. AWStats allows you to view visitors to your site, where other sites link to yours, et cetera.
     
    Imakuni? said:
    oh, so its a phpBB addon?
    Click to expand...
    It's a stat system like HellishHades said. It's usually in the CPanel under stats or at least that's where mine is.
     
    oh.
    *never goes into cPanel except for db's*
     
    This goes in General. *moved
     
    You must log in or register to reply here.
    Back
    Top