Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3682

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3682
Last Modified 07 Mar 2011 09:39:12
Published 21 Jul 2006 10:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3682

Summary

awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation path via the (1) year, (2) pluginmode or (3) month parameters.

Vulnerable Systems

Application

  • Awstats 6.5 1.857


References

XF - awstats-multiple-path-disclosure(25880)

VUPEN - ADV-2006-1421

SECUNIA - 19725

UBUNTU - USN-360-1

SECUNIA - 22306

MISC - http://pridels0.blogspot.com/2006/04/awstats-65x-multiple-vuln.html


Last Updated: 27 May 2016 10:43:06