From: eldy <>
Date: Tue, 25 May 2010 19:05:34 +0000 (+0000)
Subject: Fix security hole reported by StenoPlasma @ www.ExploitDevelopment.com
X-Git-Tag: AWSTATS_7_0_BETA2~37
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=97afc6c57264fad523630e15c740c91e32b8ddbc;p=thirdparty%2FAWStats.git

Fix security hole reported by StenoPlasma @ www.ExploitDevelopment.com
---
diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl
index 68c84715..041c8af5 100644
--- a/wwwroot/cgi-bin/awstats.pl
+++ b/wwwroot/cgi-bin/awstats.pl
@@ -1669,15 +1669,20 @@ sub Read_Config {
     );
     if ($configdir) {
-        # If from CGI, overwriting of configdir is only possible if AWSTATS_ENABLE_CONFIG_DIR defined
-        if ($ENV{'GATEWAY_INTERFACE'} && ! $ENV{"AWSTATS_ENABLE_CONFIG_DIR"})
-        {
-            error("Sorry, to allow overwriting of configdir parameter, from an AWStats CGI page, with a non default value, environment variable AWSTATS_ENABLE_CONFIG_DIR must be set to 1. For example, by adding the line 'SetEnv AWSTATS_ENABLE_CONFIG_DIR 1' in your Apache config file or into a .htaccess file.");
+        # Check if configdir is outside default values.
+        my $outsidedefaultvalue=1;
+        foreach (@PossibleConfigDir) {
+            if ($_ eq $configdir) { $outsidedefaultvalue=0; last; }
         }
-        else
+
+        # If from CGI, overwriting of configdir with a value that differs from a defautl value
+        # is only possible if AWSTATS_ENABLE_CONFIG_DIR defined
+        if ($ENV{'GATEWAY_INTERFACE'} && $outsidedefaultvalue && ! $ENV{"AWSTATS_ENABLE_CONFIG_DIR"})
         {
-            @PossibleConfigDir = ("$configdir");
+            error("Sorry, to allow overwriting of configdir parameter, from an AWStats CGI page, with a non default value, environment variable AWSTATS_ENABLE_CONFIG_DIR must be set to 1. For example, by adding the line 'SetEnv AWSTATS_ENABLE_CONFIG_DIR 1' in your Apache config file or into a .htaccess file.");
         }
+
+        @PossibleConfigDir = ("$configdir");
     }
     # Open config file
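Review bot: The last added line `@PossibleConfigDir = ("$configdir");` now runs unconditionally, so the CGI guard only holds if error() never returns; the removed else branch made that explicit, and error() is not visible in this hunk, so either keep the assignment in an else or follow the error() call with `return;` so the caller-supplied configdir is never installed if error() ever returns. The exact `eq` comparison against @PossibleConfigDir fails closed for spellings such as a trailing slash, which is the right direction but worth stating in the added comment, e.g. `# Exact string match only: any spelling not listed in @PossibleConfigDir counts as non-default.`. The `$_` loop could read `my $outsidedefaultvalue = (any { $_ eq $configdir } @PossibleConfigDir) ? 0 : 1;` if List::Util is already imported, and the comment typo `defautl` should be `default`. Read_Config continues outside the hunk on both sides.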