customerasfen.blogg.se - Cgi bin awstats pl

Cgi bin awstats pl install#
Cgi bin awstats pl full#
Cgi bin awstats pl download#

Perl /path/to/yourwebdir/ cgi-bin-dir/awstats. If there is no error report, you can use cgi-bin-dir/?config=myname to access Chinese cultureĪwstats comes with a Chinese cultural interface, through Perl /path/to/yourwebdir/ cgi-bin-dir/ -update -config=myname

Put wwwroot/other directories under the awstats installation directory to /path/to/yourwebdir/awstats-supportĪt this point, the simple awstats has been configured, restart the following lighttpd, and then execute.

Put wwwroot/cgi-bin in the awstats installation directory to /path/to/yourwebdir/ cgi-bin-dir.

Mv wwwroot/*/path/to/yourwebdir/awstats-support/#copy resources Mkdir/path/to/yourwebdir/awstats-support/# Consistent with DirIcons Mv wwwroot/cgi-bin//path/to/yourwebdir/cgi-bin-dir # Consistent with DirCgi Note that to make the new perl take effect, you need to overwrite/usr/bin/perl with/usr/local/bin/perl, or you can put/in the PATH usr/local/bin mentioned in front of/usr/bin

Cgi bin awstats pl download#

solaris: Go directly to sunfreeware to download the ready-made one, download gunzip and add it with pkgadd -d.linux: download the latest stable package.too lazy to write.

Cgi bin awstats pl install#

These plugins have some requirements for perl modules and versions, so it is best to upgrade to The latest 5.x Install new perl In AWStats cgibin/config accepts an absolute pathname, eventhough it was intended to only read a file in the /etc/awstats/nf format.

Although awstats does not require high versions, awstats provides some useful plugins. Perl (nonsense) is required on the machine. Lighttpd can also use awstats for statistical work. I don't know anything about perl, for awstats, I have been fiddled with for a long time, and the special record is as followsĪwstats is a very useful site log statistics tool. At this point, the simple awstats has been configured, restart the following lighttpd, and then execute. MitigationAwstats installation and configuration notes under lighttpd A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

The vulnerability exists due to input validation error when processing directory traversal sequences. I'm going to try your D:\WEBSITES\awStats\cgi-bin> -configmysite-update -LogFileD:\WEBSITES\mysite\logs\W3SVC1234567890\ex100315.log JeanLuc. We are not aware of malware exploiting this vulnerability. DirData'D:\WEBSITES\awStats\Same results. Is there known malware, which exploits this vulnerability?

This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Cgi bin awstats pl full#

Full software list in CPE2.3 format available after registration.Ĭan this vulnerability be exploited remotely?.

Note that if you want to analyze, with AWStats, mail log files from postfix, sendmail or qmail, a better solution is to use instead preprocessor (See AWStats F.A.Q about analyzing mail logs).

cpe:2.3:a:awstats_sourceforge_net:awstats:7.0:*:*:*:*:*:*:* converts mail logs in smail or qmail format to the common log format.

MitigationĬybersecurity Help is currently unaware of any official solution to address this vulnerability.

The vulnerability exists due to input validation error when processing directory traversal sequences in the "config" parameter in the cgi-bin/ script. The vulnerability allows a remote attacker to perform directory traversal attacks. CVSSv3.1: 6.9 ĬWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')