This problem has been assigned CAN-2005-0116: URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0116
Reference: IDEFENSE:20050117 AWStats Remote Command Execution Vulnerability Reference: URL:http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities&flashstatus=false Reference: CONFIRM:http://awstats.sourceforge.net/docs/awstats_changelog.txt AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter. Please . update the package in sid . mention the CVE id from the subject in the changelog . use priority=high . no need to upload into sarge directly, except if the version in sid is not meant to go into testing Regards, Joey -- Ten years and still binary compatible. -- XFree86 Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]