Bugtraq mailing list archives
Re: Remote buffer overflow in Webalizer
From: "Franck Coppola" <franck () hosting42 com>
Date: Mon, 15 Apr 2002 22:59:16 GMT
Here is a patch to fix the vulnerability (tested against webalizer-2.01-06).

Franck

Spybreak writes:

> Release  : April 15 2002
> Author   : Spybreak (spybreak () host sk)
> Software : Webalizer
> Version  : 2.01-09, 2.01-06
> URL      : http://www.mrunix.net/webalizer/
> Status   : vendor contacted
> Problems : remote buffer overflow
>
> --- INTRO ---
>
> The Webalizer is a web server log file analysis program which produces usage statistics in HTML format for viewing with a browser. The results are presented in both columnar and graphical format, which facilitates interpretation.
>
> Webalizer 2.01-06 is a part of the Red Hat Linux 7.2 distribution, enabled by default and run daily by the cron daemon.
>
> --- PROBLEM ---
>
> The webalizer has the ability to perform reverse DNS lookups. This ability is disabled by default, but if enabled, an attacker with command over his own DNS service, has the ability to gain remote root access to a machine, due to a remote buffer overflow in the reverse resolving code.
>
> Public key: http://spybreak.host.sk
Attachment:
patch.webalizer
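The advisory above describes the general pattern: a name returned by a reverse DNS lookup, whose length is chosen by whoever runs the authoritative server, is copied into a fixed-size field. The example below is added here to show the defensive side of that pattern; it is not Webalizer's code, not Franck's patch, and makes no claim about how Webalizer's resolver code is laid out. The record layout, the MAXHOST limit (taken from the 255-octet hostname limit of RFC 1035) and the function names are assumptions of the example. The lookup itself is not performed; a constructed oversized name stands in for what a hostile DNS server would return.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example, not Webalizer's code. MAXHOST mirrors the RFC 1035
 * 255-octet hostname limit; the struct layout is hypothetical. */
#define MAXHOST 255

struct host_rec {
    char ip[16];              /* dotted-quad text of the client address */
    char name[MAXHOST + 1];   /* reverse-resolved name, or the IP again */
};

/* The unsafe pattern the advisory describes, shown only for contrast:
 *     strcpy(rec->name, he->h_name);
 * h_name comes from the remote DNS server, so its length is untrusted
 * and the copy must be bounded by the destination, not by the source. */

/* Store a resolved name into rec->name. Returns 1 on success, 0 when the
 * name is empty, longer than MAXHOST, or contains characters outside the
 * hostname alphabet; in the failure case the field falls back to the IP
 * string so that later code (HTML output, sorting) still sees valid data. */
int store_hostname(struct host_rec *rec, const char *src)
{
    size_t n = strnlen(src, MAXHOST + 1);   /* never scans past MAXHOST+1 */
    if (n == 0 || n > MAXHOST) {
        snprintf(rec->name, sizeof rec->name, "%s", rec->ip);
        return 0;
    }
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)src[i];
        if (!(isalnum(c) || c == '.' || c == '-')) {
            snprintf(rec->name, sizeof rec->name, "%s", rec->ip);
            return 0;
        }
    }
    memcpy(rec->name, src, n);
    rec->name[n] = '\0';
    return 1;
}

/* Runs the constructed cases and returns how many behaved as intended.
 * Inputs are made up here: one benign name, one oversized name, one
 * name carrying characters that must not reach an HTML report. */
int run_checks(void)
{
    struct host_rec rec;
    int ok = 0;
    char big[400];
    snprintf(rec.ip, sizeof rec.ip, "%s", "192.0.2.10");

    if (store_hostname(&rec, "www.example.com") == 1 &&
        strcmp(rec.name, "www.example.com") == 0)
        ok++;

    memset(big, 'a', sizeof big - 1);       /* 399 bytes, beyond MAXHOST */
    big[sizeof big - 1] = '\0';
    if (store_hostname(&rec, big) == 0 &&
        strcmp(rec.name, "192.0.2.10") == 0)
        ok++;

    if (store_hostname(&rec, "bad<host>.example") == 0 &&
        strcmp(rec.name, "192.0.2.10") == 0)
        ok++;

    return ok;
}

int main(void)
{
    printf("%d of 3 checks passed\n", run_checks());
    return 0;
}
```

The point of the fallback to the IP string is that a log analyser run from cron has no one to report an error to; rejecting the name while keeping the record well-formed keeps the rest of the run, and the HTML it emits, unaffected.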