Webalizer is a Web server log file analysis program which produces
detailed usage reports in HTML format.
A buffer overflow in Webalizer versions prior to 2.01-10, when configured
to use reverse DNS lookups, may allow remote attackers to execute arbitrary
code by connecting to the monitored Web server from an IP address that
resolves to a long hostname.
Users of Webalizer are advised to upgrade to these errata packages which
contain Webalizer version 2.01-09 with backported security and bug fix patches.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | i386 | webalizer | < 2.01_09-1.72 | webalizer-2.01_09-1.72.i386.rpm |
RedHat | any | ia64 | webalizer | < 2.01_09-1.72 | webalizer-2.01_09-1.72.ia64.rpm |