Server Management - Systems Insight Manager
cancel
Showing results for 
Search instead for 
Did you mean: 

HP Sim AWStats awredir.pl Open Redirect Vulnerability

 
Highlighted
New Member

HP Sim AWStats awredir.pl Open Redirect Vulnerability

Recently within our security vulnerability reporting that is reporting an awredir.pl Open Redirect Vulnerability. My early investigations have pointed this application being used by HP SIM, since the application is not installed on any of our servers. From everything I have been able to come up with, the only way to remove this vulnerability is to upgrade to the latest version of AWSTAT. I do not want to do this since we do not have the application installed on our servers at all. Is HP aware of this vulnerability within their application and is there a patch to resolve it?

Thanks
1 REPLY 1
Highlighted
New Member

Re: HP Sim AWStats awredir.pl Open Redirect Vulnerability

Have you found anything else pointing to SIM installing AWSTAT? I'm a long time SIM user, and I never heard of it landing this tool, *and* I can't find it in HPs End User License Agreement.

Do you have any scanning tools installed which might have landed AWSTAT?