CVE-2010-4369

Published: 2 December 2010

Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory.

Priority

Package	Release	Status
awstats Launchpad, Ubuntu, Debian	upstream	Released (7.0)
	dapper	Released (6.5-1ubuntu1.4)
	hardy	Released (6.7.dfsg-1ubuntu0.2)
	karmic	Released (6.9~dfsg-1ubuntu3.9.10.1)
	lucid	Released (6.9~dfsg-1ubuntu3.10.04.1)
	maverick	Released (6.9.5~dfsg-3ubuntu0.1)
	Patches: upstream: http://awstats.cvs.sourceforge.net/viewvc/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.966&r2=1.967

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.