CVE-2001-0835

Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retrieved via a reverse DNS lookup.
Configurations

Configuration 1 (hide)

cpe:2.3:a:bradford_barrett:webalizer:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:36

Type Values Removed Values Added
References () http://lists.suse.com/archives/suse-security-announce/2001-Nov/0001.html - Patch, Vendor Advisory () http://lists.suse.com/archives/suse-security-announce/2001-Nov/0001.html - Patch, Vendor Advisory
References () http://marc.info/?l=bugtraq&m=100394630702875&w=2 - () http://marc.info/?l=bugtraq&m=100394630702875&w=2 -
References () http://www.linuxsecurity.com/advisories/other_advisory-1677.html - () http://www.linuxsecurity.com/advisories/other_advisory-1677.html -
References () http://www.mrunix.net/webalizer/news.html - Patch, Vendor Advisory () http://www.mrunix.net/webalizer/news.html - Patch, Vendor Advisory
References () http://www.redhat.com/support/errata/RHSA-2001-140.html - () http://www.redhat.com/support/errata/RHSA-2001-140.html -
References () http://www.redhat.com/support/errata/RHSA-2001-141.html - Patch, Vendor Advisory () http://www.redhat.com/support/errata/RHSA-2001-141.html - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/3473 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/3473 - Patch, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/7350 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/7350 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/7351 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/7351 -

Information

Published : 2001-12-06 05:00

Updated : 2024-11-20 23:36


NVD link : CVE-2001-0835

Mitre link : CVE-2001-0835

CVE.ORG link : CVE-2001-0835


JSON object : View

Products Affected

bradford_barrett

  • webalizer