Re: Remote buffer overflow in Webalizer

["Franck Coppola" <franck () hosting42 com>]

Here is a patch to fix the vulnerability (tested against webalizer-2.01-06). 

    Franck 

Spybreak writes: 

> Release  : April 15 2002
> Author   : Spybreak (spybreak () host sk)
> Software : Webalizer
> Version  : 2.01-09, 2.01-06
> URL      : http://www.mrunix.net/webalizer/
> Status   : vendor contacted
> Problems : remote buffer overflow 
>
>  
>
>
> --- INTRO --- 
>
> The Webalizer is a web server log file analysis program
> which produces usage statistics in HTML format for
> viewing with a browser.  The results are presented in both
> columnar and  graphical format, which facilitates
> interpretation. 
>
> Webalizer 2.01-06 is a part of the Red Hat Linux 7.2
> distribution, enabled by default and run daily by the cron
> daemon. 
>
>
> --- PROBLEM --- 
>
> The webalizer has the ability to perform reverse DNS lookups.
> This ability is disabled by default, but if enabled, an
> attacker with command over his own DNS service, has the
> ability to gain remote root acces to a machine, due to a remote
> buffer overflow in the reverse resolving code. 
>
>
> Public key:
> http://spybreak.host.sk

Attachment: patch.webalizer
Description: