Lucene search
Gentoo FoundationMGASA-2023-0120HistoryMar 31, 2023 - 3:13 a.m.
Updated perl-Net-Server packages fix security vulnerability
2023-03-3103:13:46
Gentoo Foundation
advisories.mageia.org
13
net-server reverse-lookups hostname bypass acl unix
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.011
Percentile
84.6%
Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter. (CVE-2013-1841)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 8 | noarch | perl-net-server | < 2.9.0-5.1 | perl-Net-Server-2.9.0-5.1.mga8 |
Related
nessus
nessus
veracode
veracode
Privilege Escalation
2022-12-15 11:46:30
prion
prion
Design/Logic Flaw
2014-06-13 14:55:00
cvelist
cvelist
CVE-2013-1841
2014-06-13 14:00:00
debiancve
debiancve
CVE-2013-1841
2014-06-13 14:55:11
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0120)
2023-03-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0759-1)
2023-03-28 00:00:00
ubuntucve
ubuntucve
CVE-2013-1841
2014-06-13 00:00:00
cve
cve
CVE-2013-1841
2014-06-13 14:55:11
nvd
nvd
CVE-2013-1841
2014-06-13 14:55:11
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.011
Percentile
84.6%
Related for MGASA-2023-0120