The version on cobalt-aid is 2.01-9 currently. I've seen that -10 is now out and fixes this (even though, apparently, it's not quite as big a problem as the BugTraq original poster made it out to be).
I will look into generating new builds. tir, 2002-04-16 kl. 03:32 skrev Brian Rahill: > Hi All, > > I assume others have seen this bugtraq posting about webalizer (see below): > > A couple questions: Is the pkgmaster version vulnerable (seems like it > is)? How about the one from cobalt-aid.sourceforge.net? > > This seems like a pretty serious threat. Can anyone verify if other > versions that have reverse enabled are vulnerable? Should we all turn > reverse off immediately or what? > > --- Brian > > ++++++++++++++++++++++++++++ > Begin Bugtraq Posting > > --- INTRO --- > The Webalizer is a web server log file analysis program > which produces usage statistics in HTML format for > viewing with a browser. The results are presented in both > columnar and graphical format, which facilitates > interpretation. > Webalizer 2.01-06 is a part of the Red Hat Linux 7.2 > distribution, enabled by default and run daily by the cron > daemon. > > --- PROBLEM --- > The webalizer has the ability to perform reverse DNS lookups. > This ability is disabled by default, but if enabled, an > attacker with command over his own DNS service, has the > ability to gain remote root acces to a machine, due to a remote > buffer overflow in the reverse resolving code. > > _______________________________________________ > cobalt-security mailing list > [EMAIL PROTECTED] > http://list.cobalt.com/mailman/listinfo/cobalt-security > -- Martin Moeller Liga LinDist ApS. Faelledvej 16D DK-2200 Copenhagen N Tel: +45 35 36 95 05 Fax: +45 35 36 92 05 http://www.liga.dk mailto: [EMAIL PROTECTED] _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
