Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Apps N-Z :: lnx5271.htm

Webalizer remote buffer overflow



17th Apr 2002 [SBWID-5271]
COMMAND

	Webalizer remote buffer overflow

SYSTEMS AFFECTED

	Webalizer 2.01-09, 2.01-06

PROBLEM

	Spybreak [http://spybreak.host.sk] says :
	

	The webalizer has the ability  to  perform  reverse  DNS  lookups.  This
	ability is disabled  by  default,  but  if  enabled,  an  attacker  with
	command over his own DNS service, has the ability to  gain  remote  root
	acces to a machine, due to a  remote  buffer  overflow  in  the  reverse
	resolving code.

SOLUTION

	Franck Coppola  provided  a  patch  to  fix  the  vulnerability  (tested
	against webalizer-2.01-06) :
	

	|--- dns_resolv.c        Tue Apr 16 00:53:19 2002

	|***************

	|*** 445,449 ****

	|                                     size,strlen(res_ent->h_name));

	|  

	|!                         strcpy(child_buf, res_ent->h_name);

	|                          size = strlen(child_buf);

	|                       }

	|--- 445,449 ----

	|                                     size,strlen(res_ent->h_name));

	|  

	|!                         strncpy(child_buf, res_ent->h_name, MAXHOST);

	|                          size = strlen(child_buf);

	|                       }

	

	

	 Update (18 April 2002)

	 ======

	

	Version 2.01-10 has been released, which fixes  this  and  a  few  other
	buglets that have been discovered in the last month or  so.  Get  it  at
	the usual place :
	 

	http://www.mrunix.net/webalizer/ or http://www.webalizer.org

	ftp://ftp.mrunix.net/pub/webalizer/

	


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH