Description
Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter.
Packages
| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| libnet-server-perl | fixed | 2.013-1 | | package |
| libnet-server-perl | ignored | | bullseye | package |
| libnet-server-perl | ignored | | buster | package |
| libnet-server-perl | ignored | | stretch | package |
| libnet-server-perl | ignored | | jessie | package |
| libnet-server-perl | ignored | | wheezy | package |
| libnet-server-perl | no-dsa | | squeeze | package |
Notes
https://rt.cpan.org/Ticket/Display.html?id=83909
Upstream 2.011 adds the 'double_reverse_lookups' configuration option and code
as the fix for the issue, but does not enable the checks by default. Consumers
need to enable them by setting 'reverse_lookups=double' or 'double_reverse_lookups=1'.
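The difference between a single and a double reverse lookup in a hostname-based ACL, as an added example that is not Net-Server's own code: it models the check in Python rather than Perl. All function names, hostnames and DNS records are constructed for illustration.

```python
import re

# Constructed DNS data (documentation address ranges, made-up names).
PTR = {  # reverse zone: answers come from whoever runs the address's reverse DNS
    "198.51.100.7": "trusted.example.com",  # PTR claims a trusted name
    "192.0.2.10": "trusted.example.com",    # the genuine trusted host
    "203.0.113.5": "other.example.net",
}
A = {  # forward zone: answers come from the owner of the hostname
    "trusted.example.com": {"192.0.2.10"},
    "other.example.net": {"203.0.113.5"},
}
ALLOW = [re.compile(r"^trusted\.example\.com$")]  # hostname-based ACL


def reverse_lookup(ip):
    return PTR.get(ip)


def forward_lookup(name):
    return A.get(name, set())


def hostname_for_acl(ip, double=False):
    """Return the hostname to match against ALLOW, or None if unusable."""
    name = reverse_lookup(ip)
    if name is None:
        return None
    if double and ip not in forward_lookup(name):
        return None  # PTR name does not resolve back to the source address
    return name


def allowed(ip, double=False):
    name = hostname_for_acl(ip, double)
    return name is not None and any(rx.search(name) for rx in ALLOW)


def audit(ips):
    """Peers admitted by the single lookup but rejected by the double one."""
    return [ip for ip in ips if allowed(ip) and not allowed(ip, double=True)]


if __name__ == "__main__":
    for ip in PTR:
        print(ip, "single:", allowed(ip), "double:", allowed(ip, double=True))
    print("admitted only without the forward check:", audit(PTR))
```

Running `audit` over the source addresses seen in connection logs shows which peers a hostname ACL admits only because the forward confirmation is switched off.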