certfr_avis - CERTA-2010-AVI-579

CERTA-2010-AVI-579

Vulnerability from certfr_avis - Published: - Updated:

Des vulnérabilités affectent AWStats dont certaines permettent à un utilisateur malveillant d'exécuter du code à distance.

Description

Des vulnérabilités affectent AWStats :

l'acceptation par awstat.cgi d'un chemin vers un fichier de configuration dans l'adresse réticulaire (URL) permet à un utilisateur malveillant d'exécuter du code à distance au moyen d'un fichier de configuration malveillant dans un répertoire NFS ou WebDAV ;
le même problème est également présent sous Windows avec les fichiers partagés ;
l'utilisation de LoadPlugin permet à un utilisateur malveillant de parcourir une partie non autorisée de l'arborescence des fichiers.

Solution

La version 7.0 d'AWStats corrige ces problèmes.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

AWStats 6.95 et versions antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Note de vulnérabilité de l'US-CERT VU#870532 du 30 novembre 2010	None	vendor-advisory
Note de vulnérabilité de l'US-CERT VU#870532 du 30 novembre 2010 :	-	other
Site de téléchargement du projet AWStats :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eAWStats 6.95 et versions ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s affectent AWStats\u00a0:\n\n-   l\u0027acceptation par awstat.cgi d\u0027un chemin vers un fichier de\n    configuration dans l\u0027adresse r\u00e9ticulaire (URL) permet \u00e0 un\n    utilisateur malveillant d\u0027ex\u00e9cuter du code \u00e0 distance au moyen d\u0027un\n    fichier de configuration malveillant dans un r\u00e9pertoire NFS ou\n    WebDAV\u00a0;\n-   le m\u00eame probl\u00e8me est \u00e9galement pr\u00e9sent sous Windows avec les\n    fichiers partag\u00e9s\u00a0;\n-   l\u0027utilisation de LoadPlugin permet \u00e0 un utilisateur malveillant de\n    parcourir une partie non autoris\u00e9e de l\u0027arborescence des fichiers.\n\n## Solution\n\nLa version 7.0 d\u0027AWStats corrige ces probl\u00e8mes.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4369"
    },
    {
      "name": "CVE-2010-4368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4368"
    },
    {
      "name": "CVE-2010-4367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4367"
    }
  ],
  "links": [
    {
      "title": "Note de vuln\u00e9rabilit\u00e9 de l\u0027US-CERT VU#870532 du 30 novembre    2010 :",
      "url": "http://www.kb.cert.org/vuls/id/870532"
    },
    {
      "title": "Site de t\u00e9l\u00e9chargement du projet AWStats :",
      "url": "http://awstats.sourceforge.net"
    }
  ],
  "reference": "CERTA-2010-AVI-579",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-12-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Des vuln\u00e9rabilit\u00e9s affectent AWStats dont certaines permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans AWStats",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Note de vuln\u00e9rabilit\u00e9 de l\u0027US-CERT VU#870532 du 30 novembre 2010",
      "url": null
    }
  ]
}

CVE-2010-4367 (GCVE-0-2010-4367)

Vulnerability from cvelistv5 – Published: 2010-12-02 16:00 – Updated: 2024-08-07 03:43

Summary

awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.exploitdevelopment.com/Vulnerabilities…	x_refsource_MISC
	http://awstats.sourceforge.net/docs/awstats_chang…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:43:14.839Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:033",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:033"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-08-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-02-23T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDVSA-2011:033",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:033"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4367",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:033",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:033"
            },
            {
              "name": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html",
              "refsource": "MISC",
              "url": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html"
            },
            {
              "name": "http://awstats.sourceforge.net/docs/awstats_changelog.txt",
              "refsource": "CONFIRM",
              "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4367",
    "datePublished": "2010-12-02T16:00:00",
    "dateReserved": "2010-12-02T00:00:00",
    "dateUpdated": "2024-08-07T03:43:14.839Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-4368 (GCVE-0-2010-4368)

Vulnerability from cvelistv5 – Published: 2010-12-02 16:00 – Updated: 2024-09-16 19:39

Summary

awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.kb.cert.org/vuls/id/870532	third-party-advisoryx_refsource_CERT-VN
	http://awstats.sourceforge.net/docs/awstats_chang…	x_refsource_MISC
	http://www.exploitdevelopment.com/Vulnerabilities…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:43:14.765Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#870532",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/870532"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-12-02T16:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#870532",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/870532"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4368",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#870532",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/870532"
            },
            {
              "name": "http://awstats.sourceforge.net/docs/awstats_changelog.txt",
              "refsource": "MISC",
              "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
            },
            {
              "name": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html",
              "refsource": "MISC",
              "url": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4368",
    "datePublished": "2010-12-02T16:00:00Z",
    "dateReserved": "2010-12-02T00:00:00Z",
    "dateUpdated": "2024-09-16T19:39:59.178Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-4369 (GCVE-0-2010-4369)

Vulnerability from cvelistv5 – Published: 2010-12-02 16:00 – Updated: 2024-08-07 03:43

Summary

Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0202	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/45210	vdb-entryx_refsource_BID
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.ubuntu.com/usn/USN-1047-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/43004	third-party-advisoryx_refsource_SECUNIA
	http://awstats.sourceforge.net/docs/awstats_chang…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:43:14.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0202",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0202"
          },
          {
            "name": "45210",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45210"
          },
          {
            "name": "MDVSA-2011:033",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:033"
          },
          {
            "name": "USN-1047-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1047-1"
          },
          {
            "name": "43004",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43004"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-08-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-12-10T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2011-0202",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0202"
        },
        {
          "name": "45210",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45210"
        },
        {
          "name": "MDVSA-2011:033",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:033"
        },
        {
          "name": "USN-1047-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1047-1"
        },
        {
          "name": "43004",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43004"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4369",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2011-0202",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0202"
            },
            {
              "name": "45210",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/45210"
            },
            {
              "name": "MDVSA-2011:033",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:033"
            },
            {
              "name": "USN-1047-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1047-1"
            },
            {
              "name": "43004",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43004"
            },
            {
              "name": "http://awstats.sourceforge.net/docs/awstats_changelog.txt",
              "refsource": "CONFIRM",
              "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4369",
    "datePublished": "2010-12-02T16:00:00",
    "dateReserved": "2010-12-02T00:00:00",
    "dateUpdated": "2024-08-07T03:43:14.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTA-2010-AVI-579

Description

Solution

CVE-2010-4367 (GCVE-0-2010-4367)

CVE-2010-4368 (GCVE-0-2010-4368)

CVE-2010-4369 (GCVE-0-2010-4369)

Tags

Sightings

Nomenclature