Date: Mon, 29 Apr 2002 13:59:01 -0400 From: The Anarcat <anarcat@anarcat.dyndns.org> To: Igor Roshchin <str@giganda.komkon.org> Cc: security@freebsd.org Subject: Re: Webalizer - is FreeBSD port vulnerable ? Message-ID: <20020429175901.GC321@lenny.anarcat.dyndns.org> In-Reply-To: <200204291618.g3TGIt821629@giganda.komkon.org> References: <200204291618.g3TGIt821629@giganda.komkon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sr1nOIr3CvdE5hEN Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable IIRC, the port was fixed not long ago. Please see the security advisory. A. On Mon Apr 29, 2002 at 12:18:55PM -0400, Igor Roshchin wrote: >=20 > Hello! >=20 > Webalizer is found to have a buffer overflow that is reportedly > remotely exploitable. > http://online.securityfocus.com/archive/1/267551 > http://online.securityfocus.com/bid/4504 > http://www.mrunix.net/webalizer/news.html >=20 >=20 > The second link above contains a list of vulnerable versions / OSes. > The only BSD-ish system mentioned is MacOS-X. > Is any of the versions of FreeBSD port vulnerable ? >=20 > Best, >=20 > Igor >=20 >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message --=20 Imagination is more important than knowledge - Albert Einstein --Sr1nOIr3CvdE5hEN Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzNieQACgkQttcWHAnWiGfeMACdFOY5LxXckTpBX5zGgQeZaHup FxgAn3JYIWxQdfHpe2NFZOueHJSTS+X6 =Xhgw -----END PGP SIGNATURE----- --Sr1nOIr3CvdE5hEN-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020429175901.GC321>