Jonathan Stowe jns at
Wed Mar 8 10:10:13 GMT 2006

On Wed, 2006-03-08 at 09:43, Paul Orrock wrote:
> Jonathan Stowe wrote:
> > access.log: - - [15/Mar/2005:15:50:43 +0000] 
> >
> > It's still going on.
> This was fixed in version 6.4 released on the 16th March 2005

Obviously the people who installed awstats aren't really that worried
about security, either that or it's such a bitch to get working nicely
they don't want to upgrade - I have 170 unique IPs probing for this
vulnerability since after that date, so it would appear Slapper or
Lupper or whatever it is called is still spreading albeit not

Shame it was written in PERL, otherwise people could hack on it.


This e-mail is sponsored by

More information about the mailing list