Oval Definition:
oval:org.mitre.oval:def:17861
Revision Date
:
2014-06-30
Version
:
8
Title
:
USN-686-1 -- awstats vulnerability
Description
:
Morgan Todd discovered that AWStats did not correctly strip quotes from certain parameters, allowing for an XSS attack when running as a CGI.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2008-3714
CVE-2008-5080
USN-686-1
Platform(s)
:
Ubuntu 6.06
Ubuntu 7.10
Ubuntu 8.04
Ubuntu 8.10
Product(s)
:
awstats
Definition Synopsis
Release section
Ubuntu 6.06 is installed
AND
awstats DPKG is earlier than 6.5-1ubuntu1.3
Release section
Ubuntu 7.10 is installed
AND
awstats DPKG is earlier than 6.6+dfsg-1ubuntu0.1
Release section
Ubuntu 8.04 is installed
AND
awstats DPKG is earlier than 6.7.dfsg-1ubuntu0.1
Release section
Ubuntu 8.10 is installed
AND
awstats DPKG is earlier than 6.7.dfsg-5ubuntu0.1
BACK