CVE-2005-1527

NONE EPSS 83.9%
Published Aug 15, 200520y ago · Modified Jun 16, 20262w ago
Find Similar
Published Aug 15, 2005 20y ago
Last Modified Jun 16, 2026 2w ago

Description

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.

Threat Intelligence

EPSS Exploit Probability
83.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-94 Improper Control of Generation of Code (Code Injection) Injection

Affected Products 4

VendorProductVersionRange
awstatsawstats* ≤6.4
canonicalubuntu_linux5.04any
debiandebian_linux3.0any
debiandebian_linux3.1any

References 11

  • secunia.com http://secunia.com/advisories/16412
    Broken LinkPatchVendor Advisory
  • secunia.com http://secunia.com/advisories/17463
    Broken Link
  • securitytracker.com http://securitytracker.com/id?1014636
    Broken LinkPatchThird Party AdvisoryVDB Entry
  • debian.org http://www.debian.org/security/2005/dsa-892
    Mailing ListThird Party Advisory
  • idefense.com http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities&flashstatus=false
    Broken Link
  • novell.com http://www.novell.com/linux/security/advisories/2005_19_sr.html
    Broken Link
  • osvdb.org http://www.osvdb.org/18696
    Broken LinkPatch
  • securiteam.com http://www.securiteam.com/unixfocus/5DP0J00GKE.html
    Broken LinkVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/14525
    Broken LinkThird Party AdvisoryVDB Entry
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/21769
    Third Party AdvisoryVDB Entry
  • usn.ubuntu.com https://usn.ubuntu.com/167-1/
    Broken Link

Remediation

  • secunia.com http://secunia.com/advisories/16412
    Broken LinkPatchVendor Advisory
  • securitytracker.com http://securitytracker.com/id?1014636
    Broken LinkPatchThird Party AdvisoryVDB Entry
  • osvdb.org http://www.osvdb.org/18696
    Broken LinkPatch