httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anthony G. Atkielski" <>
Subject Re: [users@httpd] Apache and AWstats exploit
Date Tue, 22 Mar 2005 06:10:31 GMT
Bill Parker writes:

> In reading the list, I have noticed that people have been talking
> about the AWstats exploit. I had AWstats 6.2 installed (running 6.4
> now), but the only people who can get ssh access to the box are tech
> types in our office, and I only run the --update and
> generate a static HTML page once a day with no links on the page to
> click on to update statistics remotely. Is this something that I
> should be worried about, or is a static HTML page for AWstats not
> expoitable?

Static pages are safe.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message