CVE-2006-3682

Publication date 21 July 2006

Last updated 17 July 2025

Ubuntu priority

awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation path via the (1) year, (2) pluginmode or (3) month parameters.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
awstats	7.04 feisty	Fixed 6.5-2ubuntu1
	6.10 edgy	Fixed 6.5-2ubuntu1
	6.06 LTS dapper	Fixed 6.5-1ubuntu1.2

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-360-1
awstats vulnerabilities
10 October 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-3682