CVE-2006-2237

Name of the Vulnerable Software and Affected Versions: AWStats versions 6.4 through 6.5 AWStats (affected versions not specified) in openSUSE

Description: The issue allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter when statistics updates are enabled. Multiple vulnerabilities in the AWStats package may lead to disruption of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations: For AWStats versions 6.4 through 6.5, consider disabling the statistics updates feature until a patch is available. For AWStats in openSUSE, at the moment, there is no information about a newer version that contains a fix for this vulnerability.