HP Sim AWStats awredir.pl Open Redirect Vulnerability

Frank Martino · ‎05-10-2011

Recently within our security vulnerability reporting that is reporting an awredir.pl Open Redirect Vulnerability. My early investigations have pointed this application being used by HP SIM, since the application is not installed on any of our servers. From everything I have been able to come up with, the only way to remove this vulnerability is to upgrade to the latest version of AWSTAT. I do not want to do this since we do not have the application installed on our servers at all. Is HP aware of this vulnerability within their application and is there a patch to resolve it?

Thanks

Chris H Hibbard · ‎05-17-2011

Have you found anything else pointing to SIM installing AWSTAT? I'm a long time SIM user, and I never heard of it landing this tool, *and* I can't find it in HPs End User License Agreement.

Do you have any scanning tools installed which might have landed AWSTAT?

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

HP Sim AWStats awredir.pl Open Redirect Vulnerability

HP Sim AWStats awredir.pl Open Redirect Vulnerability

Re: HP Sim AWStats awredir.pl Open Redirect Vulnerability