ID de Prueba:	1.3.6.1.4.1.25623.1.0.831337
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for awstats MDVSA-2011:033 (awstats)
Resumen:	The remote host is missing an update for the 'awstats'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'awstats' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities has been found and corrected in awstats: awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server (CVE-2010-4367). Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory (CVE-2010-4369). The updated packages have been upgraded to the latest version to address these vulnerabilities. Affected Software/OS: awstats on Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4367 http://www.mandriva.com/security/advisories?name=MDVSA-2011:033 http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-001.html Common Vulnerability Exposure (CVE) ID: CVE-2010-4369 BugTraq ID: 45210 http://www.securityfocus.com/bid/45210 http://secunia.com/advisories/43004 http://www.ubuntu.com/usn/USN-1047-1 http://www.vupen.com/english/advisories/2011/0202
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.