Vulnerability Description
Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Seamons | Net-Server | - |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2013/03/04/10
- http://www.openwall.com/lists/oss-security/2013/03/12/2
- http://www.securityfocus.com/bid/58309
- https://bugzilla.redhat.com/show_bug.cgi?id=920683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82900
- http://www.openwall.com/lists/oss-security/2013/03/04/10
- http://www.openwall.com/lists/oss-security/2013/03/12/2
- http://www.securityfocus.com/bid/58309
- https://bugzilla.redhat.com/show_bug.cgi?id=920683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82900
FAQ
What is CVE-2013-1841?
CVE-2013-1841 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname...
How severe is CVE-2013-1841?
CVE-2013-1841 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1841?
Check the references section above for vendor advisories and patch information. Affected products include: Seamons Net-Server.