AWStats eval() Remote Command Execution Vulnerability (CVE-2005-0436/1527) and Patch Guide

From this IBM X-Force Exchange webpage screenshot, the following key vulnerability information can be extracted: Vulnerability Title: AWStats eval() Command Execution CVE IDs: - CVE-2005-0436 - CVE-2005-1527 CVSS Score: 3.5 CVSS Breach Metrics: - Access Vector: Remote - Access Complexity: Low - Authentication: Not Required - Confidentiality Impact: None - Integrity Impact: Partial - Availability Impact: None Consequence: - Gain Access Remediation: - Upgrade to the latest version of AWStats (6.4 or higher) - For Gentoo Linux: Upgrade to the latest version of AWStats (6.5 or higher) - For Debian GNU/Linux: Refer to DSA-892-1 for patching, upgrade, or recommended workflow information - For Ubuntu Linux: Refer to USN-167-1 for patching, upgrade, or recommended workflow information - For other distributions: Contact the vendor for upgrade or patch information Affected Products: - AWStats AWStats 6.3 Dependent Products: - Canonical Ubuntu 5.04 - Debian Debian Linux 3.1 - Gentoo Linux External Links: - CVE-2005-0436 - CVE-2005-1527 - BID-14525 - iDEFENSE Security Advisory 08.09.05

Goal Reached Thanks to every supporter — we hit 100%!

AWStats eval() Remote Command Execution Vulnerability (CVE-2005-0436/1527) and Patch Guide