AWStats 6.1, and other versions prior to 6.3, allows remote malicious users to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
##
# $Id: awstats_configdir_execrb 7970 2009-12-26 03:31:20Z hdm $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions Please see the Metasploit
# Framework web site for more information on licensing and terms of use
# metasploitcom/framework/
##
require 'msf/core'
...
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions Please see the Metasploit
# Framework web site for more information on licensing and terms of use
# metasploitcom/framework/
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
include Msf ...
/*
AwStats exploit by Thunder, molnar_rcs@yahoocom
This exploit makes use of the remote command execution bug discovered in
AwStats ver 62 and below The bug resides in the awstatspl perl script
The script does not sanitise correctly the user input for the
`configdir` parameter If the users sends a command prefixed and postfixed
with | , the ...