http://www.securiteam.com/securitynews/5VP0B1P6UY.html
If you don't know if this affects you, look at your stats and see if Agents by Country is reporting anything other than "100% Unknown/Unresolved" - if it does then your webalizer is vulnerable via rDNS. Quick Fix: Unfortunately, the only way to prevent this until the latest release is out for Cobalt users is to edit the /etc/httpd/conf/httpd.conf file. Open it up and locate the line that says HostnameLookups on Comment this line out and add one for "off" #HostnameLookups on HostnameLookups off That should do it. Unfortunately, your clients will be unable to generate by country stats until it's resolved so you will probably want to contact your clients before doing it. It's only been a day since it was released so let's see what happens; I'm sure the pkgmaster.com folks will update webalizer as soon as webalizer itself updates to fix this problem. Jonothon Ortiz Vice President Xnext, Inc. Ph: 863.298.9698 or 888.84.XNEXT http://www.Xnext.com mailto:[EMAIL PROTECTED] _______________________________________________ cobalt-developers mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-developers
