![]() ![]() The remote version of this software fails to sanitize user-supplied input to the configdir parameter of the script. How can I ensure that everything is blocked as it should be and that nothing " bad" is happening? The guy who set up our FortiGates is no longer here so not really up to speed on this. The remote host is running AWStats, a free logfile analysis tool for analyzing ftp, mail, web. Original advisory and published exploit The fix is also trivial. AWStats 6. AWStats configdir Remote Command Execution exploits/unix/webapp/. AWStats configdir Remote Command Execution - Metasploit. They say the severity is low and I' m assuming that since it is being reported that it is being successfully blocked throughout, but it concerns me. > Regards, > Frank Slightly off-topic here, but if any of you folks use awstats, this vulnerability does not affect the static output functionality of awstats, nor can you access the web interface with the appropriate restrictions set in your nf. Drupal: unsanitized requests allow remote attackers to execute arbitrary code. .Execution In the last couple weeks I am seeing a ton of messages like below. Do: set PAYLOAD payload Set other options required by the payload. This payload should be the same as the one your awstatsconfigdirexec will be using: Do: use exploit/multi/handler. Second, set up a background payload listener. ![]() : Changes to be compatible with new AWStats. First, create a list of IPs you wish to exploit with this module. In the last couple weeks I am seeing a ton of messages like below. As AWStats works from the command line but also as a CGI. ![]()
0 Comments
Leave a Reply. |