forwarded with permission... ---------- Forwarded message ---------- Date: Wed, 24 Apr 2002 11:19:28 +0200 From: Tom <TheTomat_private> To: Tina Bird <tbird@precision-guesswork.com> Subject: Re: [logs] [ESA-20020423-009] webalizer contains a potentially exploitable buffer overflow (fwd) Tina Bird wrote: > Boy -- who'd've expected two buffer overflows in log > analysis programs within a month? [...] > OVERVIEW > - -------- > There is a potentially exploitable buffer overflow in webalizer which > could allow an attacker to compromise a host by spoofing reverse DNS > queries. > the destination buffer (child_buf) ist 128 bytes big and bind (bind 4 on openbsd 2.8 does) limits the size of the hostname to 64 bytes. even MAXHOSTNAMELEN on Linux (and other Unix like systems) is just 64 bytes. so i think there is no real danger by this _possible_ buffer overflow. Bye, Thomas --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Apr 24 2002 - 15:26:18 PDT