My site was hacked too (they changed my index page). And I am running awstats. I don't know for sure if that's what caused them to gain access or not, as I am not the admin, just a user. I have sent their tech support an email, waiting to hear back.

Our site was hacked too.
We are pretty sure, that awstat was used to break in initially (see:http://forum.zone-h.org/viewtopic.php?t=1902).
We dont know yet how they proceeded to become root.
It is NOT only graffity: they installed a root kit and replaced the kernel.
The root kit consists of patched ls, ps, pstree, netstat, ifconfig (...) and (at least one) changed shared library (still checking).
ifconfig was replaced by a version which opens an unauthorized root backdoor through a non-priv tcp port.
The modified netstat hides this port; the modified ps hides the underlying daemon. ls hides the files.
The kernel was modified to not allow move or replacement of the corrupted executables (guess: by a special uid/gid combination).

If your site was attacked - please ensure, that its definitely only the apache config or home page, that was changed - otherwise, it could be used for further fraud/attacks.
Do not trust any command - before analyzing; make sure you have downloaded trusted versions of the above mentioned commands (use statically linked versions, as libc.so and friends could also be affected)
BTW: Our linux was pretty up-to-date w.r.t. security fixes (except for awstats - sigh).

regards