Vulnerability Details CVE-2013-1841
Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.6%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2013/03/04/10
- http://www.openwall.com/lists/oss-security/2013/03/12/2
- http://www.securityfocus.com/bid/58309
- https://bugzilla.redhat.com/show_bug.cgi?id=920683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82900
- http://www.openwall.com/lists/oss-security/2013/03/04/10
- http://www.openwall.com/lists/oss-security/2013/03/12/2
- http://www.securityfocus.com/bid/58309
- https://bugzilla.redhat.com/show_bug.cgi?id=920683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82900
Products affected by CVE-2013-1841
-
cpe:2.3:a:seamons:net-server:-