Remote buffer overflow in Webalizer

From: Spybreak (spybreakat_private)
Date: Mon Apr 15 2002 - 04:15:47 PDT


    Release  : April 15 2002
    Author   : Spybreak (spybreakat_private)
    Software : Webalizer
    Version  : 2.01-09, 2.01-06
    URL      : http://www.mrunix.net/webalizer/
    Status   : vendor contacted
    Problems : remote buffer overflow
    
    --- INTRO ---
    
    The Webalizer is a web server log file analysis program
    which produces usage statistics in HTML format for
    viewing with a browser.  The results are presented in both
    columnar and graphical format, which facilitates
    interpretation.
    
    Webalizer 2.01-06 is a part of the Red Hat Linux 7.2
    distribution, enabled by default and run daily by the cron
    daemon.
    
    
    --- PROBLEM ---
    
    The Webalizer has the ability to perform reverse DNS lookups.
    This ability is disabled by default, but if it is enabled, an
    attacker who controls his own DNS service has the ability to
    gain remote root access to the machine, due to a remote
    buffer overflow in the reverse resolving code.
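    An added example of the defensive pattern for this class of bug; it is
    not taken from the Webalizer source. The reverse lookup goes through
    getnameinfo() into a bounded buffer, and the returned name is treated as
    input controlled by whoever runs the client's reverse zone: it is stored
    only if it fits the fixed-size cache field and passes a character check.
    HOST_REC_LEN, store_hostname and resolve_reverse are hypothetical names.

```c
/* Added example, not Webalizer's code: bounded reverse lookup for a
 * log-analyser DNS cache.  The PTR answer is controlled by whoever runs
 * the reverse zone of the client IP, so it is untrusted input. */
#define _POSIX_C_SOURCE 200112L
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

#ifndef NI_MAXHOST
#define NI_MAXHOST 1025
#endif
#define HOST_REC_LEN 64   /* hypothetical fixed-size cache record field */

/* Copy a resolver-returned name into a fixed field only if it fits and
 * contains hostname-legal characters.  Returns 0 on success, -1 on
 * rejection; dst is always NUL-terminated on return. */
int store_hostname(char *dst, size_t dstsz, const char *name)
{
    if (dstsz == 0) return -1;
    dst[0] = '\0';
    const char *end = memchr(name, '\0', dstsz); /* bounded scan */
    if (end == NULL) return -1;        /* longer than the field */
    size_t n = (size_t)(end - name);
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)name[i];
        int ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                 (c >= '0' && c <= '9') || c == '-' || c == '.';
        if (!ok) return -1;            /* control bytes, spaces, ... */
    }
    memcpy(dst, name, n + 1);
    return 0;
}

/* Reverse-resolve an IPv4 address with getnameinfo(), which writes at
 * most sizeof(host) bytes, then store the result through the check. */
int resolve_reverse(const char *ip, char *dst, size_t dstsz)
{
    struct sockaddr_in sa;
    char host[NI_MAXHOST];
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    if (inet_pton(AF_INET, ip, &sa.sin_addr) != 1) return -1;
    if (getnameinfo((struct sockaddr *)&sa, sizeof sa, host, sizeof host,
                    NULL, 0, NI_NAMEREQD) != 0)
        return -1;                     /* no PTR record: keep the IP */
    return store_hostname(dst, dstsz, host);
}
```

    A caller that keeps the dotted IP when store_hostname() rejects the
    name loses nothing but a cosmetic hostname in the report.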
    
    
    Public key:
    http://spybreak.host.sk
    
    This archive was generated by hypermail 2b30 : Mon Apr 15 2002 - 08:36:38 PDT