lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060608143240.GG5127@piware.de>
Date: Thu Jun  8 15:32:44 2006
From: martin.pitt at canonical.com (Martin Pitt)
Subject: [USN-290-1] awstats vulnerability

=========================================================== 
Ubuntu Security Notice USN-290-1              June 08, 2006
awstats vulnerability
CVE-2006-2644
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
  awstats                        6.3-1ubuntu0.3

Ubuntu 5.10:
  awstats                        6.4-1ubuntu1.2

Ubuntu 6.06 LTS:
  awstats                        6.5-1ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Hendrik Weimer discovered a privilege escalation vulnerability in
awstats. By supplying the 'configdir' CGI parameter and setting it to
an attacker-controlled directory (such as an FTP account, /tmp, or
similar), an attacker could execute arbitrary shell commands with the
privileges of the web server (user 'www-data').

This update disables the 'configdir' parameter by default. If all
local user accounts can be trusted, it can be reenabled by running
awstats with the AWSTATS_ENABLE_CONFIG_DIR environment variable set to
a nonempty value.


Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3-1ubuntu0.3.diff.gz
      Size/MD5:    25786 f0aff903ca34176072985eb0cc291093
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3-1ubuntu0.3.dsc
      Size/MD5:      595 52ec6fc22747b67732f48d60adc0c187
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3.orig.tar.gz
      Size/MD5:   938794 edb73007530a5800d53b9f1f90c88053

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3-1ubuntu0.3_all.deb
      Size/MD5:   726624 c774701a596cf7b61d06861dd8c8471e

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4-1ubuntu1.2.diff.gz
      Size/MD5:    18999 1523e09757b7de3c075bb86067f33445
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4-1ubuntu1.2.dsc
      Size/MD5:      595 1433006e2e47ad101e2344967ab8c491
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4.orig.tar.gz
      Size/MD5:   918435 056e6fb0c7351b17fe5bbbe0aa1297b1

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4-1ubuntu1.2_all.deb
      Size/MD5:   728650 694410e8ed001ad701a91594685f8b8b

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.5-1ubuntu1.1.diff.gz
      Size/MD5:    18857 7ff1194a74691e801a3b7fee24776e19
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.5-1ubuntu1.1.dsc
      Size/MD5:      779 af43c7c831376f72803478265e3044fc
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.5.orig.tar.gz
      Size/MD5:  1051780 aef00b2ff5c5413bd2a868299cabd69a

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.5-1ubuntu1.1_all.deb
      Size/MD5:   853150 42f6fa26513e4ef65c9c30e01ad4e9c9

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060608/be4f5f16/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ