Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora: 2009-12444 Moderate: Awstats Script Security Key Fix

fedora
Calendar Grey December 1, 2009
Dist Fedora Esm H88
Bolster your awstats protection through this Fedora upgrade, addressing critical vulnerabilities and enhancing input validation.
- Fix security in awredir.pl script by adding a security key required by default

Summary

Advanced Web Statistics is a powerful and featureful tool that generates

advanced web server graphic statistics. This server log analyzer works

from command line or as a CGI and shows you all information your log contains,

in graphical web pages. It can analyze a lot of web/wap/proxy servers like

Apache, IIS, Weblogic, Webstar, Squid, ... but also mail or ftp servers.

This program can measure visits, unique vistors, authenticated users, pages,

domains/countries, OS busiest times, robot visits, type of files, search

engines/keywords used, visits duration, HTTP errors and more...

Statistics can be updated from a browser or your scheduler.

The program also supports virtual servers, plugins and a lot of features.

With the default configuration, the statistics are available:

Update Information:

- Fix security in awredir.pl script by adding a security key required by default. - Enhance security of parameter sanitizing function.

Topics%20covered

Topics Covered

security advisory Fedora awstats parameter sanitizing script enhancement

Change Log

* Thu Nov 26 2009 Aurelien Bompard - 6.95-1 - version 6.95 (security fix) - drop patch0 * Fri Aug 21 2009 Aurelien Bompard - 6.9-4 - don't backup the cgi when patching (#518168) * Fri Jul 24 2009 Fedora Release Engineering - 6.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Mon Feb 23 2009 Fedora Release Engineering - 6.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Wed Dec 31 2008 Aurelien Bompard 6.9-1 - version 6.9 - use Debian's version of the CVE-2008-3714 fix * Sat Dec 6 2008 Aurelien Bompard 6.8-3 - Use Debian's patch for CVE-2008-3714 (rh#474396)

References

Fedora Update Notification FEDORA-2009-12444 2009-12-01 03:23:06
Name : awstats Product : Fedora 10 Version : 6.95 Release : 1.fc10 URL : https://awstats.sourceforge.io/ Summary : Advanced Web Statistics Description : Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers like Apache, IIS, Weblogic, Webstar, Squid, ... but also mail or ftp servers.
This program can measure visits, unique vistors, authenticated users, pages, domains/countries, OS busiest times, robot visits, type of files, search engines/keywords used, visits duration, HTTP errors and more... Statistics can be updated from a browser or your scheduler. The program also supports virtual servers, plugins and a lot of features.
With the default configuration, the statistics are available:

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update awstats' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: awstats
Product: Fedora 10
Version: 6.95
Release: 1.fc10
URL: https://awstats.sourceforge.io/
Summary: Advanced Web Statistics

Topics%20covered

Topics Covered

security advisory Fedora awstats parameter sanitizing script enhancement

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here