SOL2617 - Reverse name resolution vulnerability in SSH - CVE-2003-0386

2007-05-16T00:00:00
ID SOL2617
Type f5
Reporter f5
Modified 2013-03-29T00:00:00

Description

OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address.

Information about this advisory is available at the following location:

Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0386>