Cross-site Scripting Flaw - A security flaw involving unchecked HTML content. Recent versions have been patched and are no longer vulnerable. lwn.net/2001/1108/a/webalizer.php3
Remote Buffer Overflow - An attacker with command over his own DNS service could gain root access if reverse DNS lookups are configured. Recent versions have been fixed. online.securityfocus.com/archive/1/267551
