USN-686-1: AWStats vulnerability

12-03-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

USN-686-1: AWStats vulnerability

Referenced CVEs:
CVE-2008-3714

Description:
===========================================================Ubuntu Security Notice USN-686-1 December 04, 2008awstats vulnerabilityCVE-2008-3714===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSUbuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: awstats 6.5-1ubuntu1.3Ubuntu 7.10: awstats 6.6+dfsg-1ubuntu0.1Ubuntu 8.04 LTS: awstats 6.7.dfsg-1ubuntu0.1Ubuntu 8.10: awstats 6.7.dfsg-5ubuntu0.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Morgan Todd discovered that AWStats did not correctly strip quotes fromcertain parameters, allowing for an XSS attack when running as a CGI.If a user was tricked by a remote attacker into following a speciallycrafted URL, the user's authentication information could be exposed forthe domain where AWStats was hosted.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

LIBMTP_playlist_struct(3) libmtp LIBMTP_playlist_struct(3) NAME
libmtp - LIBMTP_playlist_struct SYNOPSIS
#include <libmtp.h> Data Fields uint32_t playlist_id uint32_t parent_id uint32_t storage_id char * name uint32_t * tracks uint32_t no_tracks LIBMTP_playlist_t * next Detailed Description MTP Playlist structure Examples: getplaylist.c, and playlists.c. Field Documentation char* LIBMTP_playlist_struct::name Name of playlist Examples: playlists.c. Referenced by LIBMTP_Create_New_Playlist(), LIBMTP_destroy_playlist_t(), LIBMTP_Get_Playlist_List(), LIBMTP_Set_Playlist_Name(), and LIBMTP_Update_Playlist(). LIBMTP_playlist_t* LIBMTP_playlist_struct::next Next playlist or NULL if last playlist Examples: playlists.c. Referenced by LIBMTP_Get_Playlist_List(). uint32_t LIBMTP_playlist_struct::no_tracks The number of tracks in this playlist Examples: getplaylist.c, and playlists.c. Referenced by LIBMTP_Create_New_Playlist(), LIBMTP_Get_Playlist_List(), and LIBMTP_Update_Playlist(). uint32_t LIBMTP_playlist_struct::parent_id ID of parent folder Examples: playlists.c. Referenced by LIBMTP_Create_New_Playlist(), and LIBMTP_Get_Playlist_List(). uint32_t LIBMTP_playlist_struct::playlist_id Unique playlist ID Examples: playlists.c. Referenced by LIBMTP_Create_New_Playlist(), LIBMTP_Get_Playlist_List(), LIBMTP_new_playlist_t(), LIBMTP_Set_Playlist_Name(), and LIBMTP_Update_Playlist(). uint32_t LIBMTP_playlist_struct::storage_id ID of storage holding this playlist Referenced by LIBMTP_Create_New_Playlist(), and LIBMTP_Get_Playlist_List(). uint32_t* LIBMTP_playlist_struct::tracks The tracks in this playlist Examples: getplaylist.c, and playlists.c. Referenced by LIBMTP_Create_New_Playlist(), LIBMTP_destroy_playlist_t(), LIBMTP_Get_Playlist_List(), and LIBMTP_Update_Playlist(). Author Generated automatically by Doxygen for libmtp from the source code. Version 1.1.3 Sun Feb 17 2013 LIBMTP_playlist_struct(3)

Security Advisories (RSS)

USN-686-1: AWStats vulnerability

LEARN ABOUT DEBIAN

mtp_libmtp_playlist_struct