Lucene search
RedHatRHSA-2002:255HistoryFeb 06, 2003 - 12:00 a.m.
(RHSA-2002:255) webalizer security update
2003-02-0600:00:00
access.redhat.com
15
0.057 Low
EPSS
Percentile
93.4%
Webalizer is a Web server log file analysis program which produces
detailed usage reports in HTML format.
A buffer overflow in Webalizer versions prior to 2.01-10, when configured
to use reverse DNS lookups, may allow remote attackers to execute arbitrary
code by connecting to the monitored Web server from an IP address that
resolves to a long hostname.
Users of Webalizer are advised to upgrade to these errata packages which
contain Webalizer version 2.01-09 with backported security and bug fix patches.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | i386 | webalizer | < 2.01_09-1.72 | webalizer-2.01_09-1.72.i386.rpm |
| RedHat | any | ia64 | webalizer | < 2.01_09-1.72 | webalizer-2.01_09-1.72.ia64.rpm |
Related
nvd
nvd
CVE-2002-0180
2002-04-22 04:00:00
CVE-2002-1234
2002-11-04 05:00:00
cvelist
cvelist
CVE-2002-0180
2002-04-18 04:00:00
cve
cve
CVE-2002-0180
2002-04-22 04:00:00
CVE-2002-1234
2002-11-04 05:00:00
nessus
nessus
RHEL 2.1 : webalizer (RHSA-2002:255)
2004-07-06 00:00:00
cert
cert
webalizer vulnerable to buffer overflow when performing reverse DNS lookups
2002-10-28 00:00:00