Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Mageia 8 MGASA-2023-0120 Moderate: perl-Net-Server ACL Bypass

mageia
Calendar Grey March 31, 2023
Dist Mageia Esm H88
Mageia 2023-0120 releases an update for perl-Net-Server to rectify a security vulnerability related to ACL circumvention through hostname resolution.
Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restricti...

Summary

Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter. (CVE-2013-1841)

References

- https://bugs.mageia.org/show_bug.cgi?id=31678

- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014043.html

- https://www.cve.org/CVERecord?id=CVE-2013-1841

Resolution

SRPMS

- 8/core/perl-Net-Server-2.9.0-5.1.mga8

Publication date: 31 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0120.html
Type: security
CVE: CVE-2013-1841

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here