httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anthony G. Atkielski" <anth...@atkielski.com>
Subject Re: [users@httpd] Apache and AWstats exploit
Date Tue, 22 Mar 2005 06:10:31 GMT
Bill Parker writes:

> In reading the list, I have noticed that people have been talking
> about the AWstats exploit. I had AWstats 6.2 installed (running 6.4
> now), but the only people who can get ssh access to the box are tech
> types in our office, and I only run the awstats.pl --update and
> generate a static HTML page once a day with no links on the page to
> click on to update statistics remotely. Is this something that I
> should be worried about, or is a static HTML page for AWstats not
> expoitable?

Static pages are safe.

-- 
Anthony



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message