awstats 又炸了,是的,對於所有 <= 6.4 的版本又炸了。根據 Securityfocus 上的 Bugtraq 報導:AWStats <= 6.4 Multiple vulnerabilities。
不過注意一下,文內提到的 Development version 是 2005/02/06 14:31 (GMT),而在 awstats 網站上是 2005/02/10 16:53,不清楚修正了沒,總之,又要升級了…
One thought on “awstats”
Comments are closed.
2005-02-14的版本修正了
Fixes:
– Fix security hole that allowed a user to read log file content even
when plugin rawlog was not enabled.
– Fix a possible use of AWStats for a DoS attack.
– configdir option was broken on windows servers.
– Minor fixes