Here is a patch to fix the vulnerability (tested against webalizer-2.01-06).
Franck
Spybreak writes:
> Release : April 15 2002
> Author : Spybreak (spybreakat_private)
> Software : Webalizer
> Version : 2.01-09, 2.01-06
> URL : http://www.mrunix.net/webalizer/
> Status : vendor contacted
> Problems : remote buffer overflow
>
>
>
>
> --- INTRO ---
>
> The Webalizer is a web server log file analysis program
> which produces usage statistics in HTML format for
> viewing with a browser. The results are presented in both
> columnar and graphical format, which facilitates
> interpretation.
>
> Webalizer 2.01-06 is a part of the Red Hat Linux 7.2
> distribution, enabled by default and run daily by the cron
> daemon.
>
>
> --- PROBLEM ---
>
> The webalizer has the ability to perform reverse DNS lookups.
> This ability is disabled by default, but if enabled, an
> attacker with command over his own DNS service, has the
> ability to gain remote root acces to a machine, due to a remote
> buffer overflow in the reverse resolving code.
>
>
> Public key:
> http://spybreak.host.sk
>
This archive was generated by hypermail 2b30 : Tue Apr 16 2002 - 23:43:36 PDT