Common Vulnerabilities and Exposures assigned an identifier CVE-2010-4369 to the following vulnerability: Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4369 [2] http://awstats.sourceforge.net/docs/awstats_changelog.txt
This issue does NOT affect the current versions of the awstats package, as shipped with Fedora release of 13 and 14 (relevant packages are already updated). -- This issue affects the version of the awstats package, as present within EPEL-5 repository. Please schedule an update.
http://sourceforge.net/tracker/?func=detail&aid=2537928&group_id=13764&atid=113764
Patch: http://awstats.cvs.sourceforge.net/viewvc/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.966&r2=1.967&view=patch
https://admin.fedoraproject.org/updates/awstats-6.95-2.el5