SuSE: 'webalizer' cross-site scripting vulnerability



                        SuSE Security Announcement

        Package:                webalizer
        Announcement-ID:        SuSE-SA:2001:040
        Date:                   Tuesday, Nov 06th, 2001 12.00 MET
        Affected SuSE versions: 7.1, 7.2, 7.3
        Vulnerability Type:     remote privilege escalation
                                (cross-site scripting)
        Severity (1-10):        5
        SuSE default package:   no
        Other affected systems: all linux-like systems using this version
                                of webalizer

        Content of this advisory:
        1) security vulnerability resolved: webalizer
           problem description, discussion, solution and upgrade information
        2) pending vulnerabilities, solutions, workarounds
        3) standard appendix (further information)


1)  problem description, brief discussion, solution, upgrade information

    The webalizer is a widely used tool for analyzing web server logs and
    producing statistics in HTML format.
    An exploitable bug was found in webalizer which allows a remote attacker
    to execute commands on other client machines or reveal sensitive
    information by placing HTML tags in the right place. This is possible
    due to missing sanity checks on untrusted data - hostnames and search
    keywords in this case - that are received by webalizer. This kind of attack
    is also known as "Cross-Site Scripting Vulnerability".
    Additionally the untrusted data will be written to files on the server
    running webalizer; this may lead to further problems when using this
    data as input for third-party software/scripts.
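
    Added example, not part of the SuSE advisory and not webalizer's own
    code or patch: the kind of output encoding whose absence is described
    above, applied to a logged hostname or search keyword before it is
    written into an HTML report. The names html_escape and format_row are
    hypothetical.

```c
#include <stdio.h>
#include <string.h>
/* Escape src for HTML text or a quoted attribute value. Returns bytes
 * written (excluding NUL), or -1 with dst emptied if dst is too small,
 * so a truncated entity is never emitted. */
int html_escape(const char *src, char *dst, size_t dstlen)
{
    size_t out = 0;
    if (dstlen == 0)
        return -1;
    for (; *src != '\0'; src++) {
        char one[2] = { *src, '\0' };
        const char *rep = one;          /* default: copy the byte as-is */
        switch (*src) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        }
        size_t n = strlen(rep);
        if (out + n >= dstlen) {        /* keep room for the NUL */
            dst[0] = '\0';
            return -1;
        }
        memcpy(dst + out, rep, n);
        out += n;
    }
    dst[out] = '\0';
    return (int)out;
}

/* Hypothetical report writer; oversized input is refused, not cut. */
int format_row(const char *value, char *row, size_t rowlen)
{
    char safe[256];
    if (html_escape(value, safe, sizeof safe) < 0)
        return -1;
    int n = snprintf(row, rowlen, "<TR><TD>%s</TD></TR>\n", safe);
    return (n < 0 || (size_t)n >= rowlen) ? -1 : n;
}

int main(void)
{
    char row[512];
    /* Constructed sample: a logged search keyword carrying markup. */
    if (format_row("<script>alert(1)</script>", row, sizeof row) > 0)
        fputs(row, stdout);
    return 0;
}
```

    The same encoding has to be applied again by any third-party script
    that reads the stored data and emits it as HTML.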

    There is no known temporary fix, so please update your system with
    the new RPMs from our FTP server.

    Download the update package from locations described below and install
    the package with the command:
        rpm -Uhv file.rpm
    The md5sum for each file is in the line below. You can verify the
    integrity of the rpm files using the command:
        rpm --checksig --nogpg file.rpm
    independently from the md5 signatures below.

    i386 Intel Platform:

    source rpm:

    source rpm:

    source rpm:

    Sparc Platform:

    source rpm:

    AXP Alpha Platform:

    source rpm:

    PPC Power PC Platform:

    source rpm:

    source rpm:


2)  Pending vulnerabilities in SuSE Distributions and Workarounds:

    - openssh
      After stabilizing the openssh package, updates for the distributions
      6.4-7.2 are currently being prepared. The update packages fix a security
      problem related to the recently discovered problems with source ip
      based access restrictions in a user's ~/.ssh/authorized_keys2 file.
      The packages will appear shortly on our ftp servers. Please note that
      packages for the distributions 6.3 and up including 7.0 containing
      cryptographic software are located on the German ftp server,
      all other packages can be found at the usual location.
      We will issue a dedicated Security announcement for the openssh package.

    - nvi
      Takeshi Uno found a format tag vulnerability in all versions of nvi.
      The bug will be fixed in a future version of SuSE Linux.

    - Please watch out for more announcements that are currently in our queue.


3)  standard appendix:

    SuSE runs two security mailing lists to which any interested party may

    [email protected]
        -   general/linux/SuSE security discussion.
            All SuSE security announcements are sent to this list.
            To subscribe, send an email to
                <[email protected]>.

    [email protected]
        -   SuSE's announce-only mailing list.
            Only SuSE's security announcements are sent to this list.
            To subscribe, send an email to
                <[email protected]>.

    For general information or the frequently asked questions (faq)
    send mail to:
        <[email protected]> or
        <[email protected]> respectively.

    SuSE's security contact is <[email protected]>.


    The information in this advisory may be distributed or reproduced,
    provided that the advisory is not modified in any way.
    SuSE GmbH makes no warranties of any kind whatsoever with respect
    to the information contained in this security advisory.


November 6, 2001



