This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Updated Webalizer packages are available for Red Hat Linux Advanced
Server 2.1 which fix an obscure buffer overflow bug in the DNS
[Updated 13 Jan 2003] Added fixed packages for the Itanium (IA64)
[Updated 06 Feb 2003] Added fixed packages for Advanced Workstation
Webalizer is a Web server log file analysis program which produces
detailed usage reports in HTML format.
A buffer overflow in Webalizer versions prior to 2.01-10, when
configured to use reverse DNS lookups, may allow remote attackers to
execute arbitrary code by connecting to the monitored Web server from
an IP address that resolves to a long hostname.
Users of Webalizer are advised to upgrade to these errata packages
which contain Webalizer version 2.01-09 with backported security and
bug fix patches.
See also :
Update the affected webalizer package.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12333 ()
CVE ID: CVE-2002-0180
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.