CVE-2025-62406

Summary: CVE-2025-62406 affects Piwigo. In version 15.6.0, the password-reset URL is constructed using the request Host header without validation, allowing an attacker who knows or guesses a username/email to send a password-reset link with a modified hostname to a target user. This could enable ...

CVE-2002-2103

Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities...

CVE-2012-3416

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOWADMINISTRATOR or ALLOWWRITE by connecting from a system with a spoofed reverse DNS hostname...

CVE-2012-3416

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOWADMINISTRATOR or ALLOWWRITE by connecting from a system with a spoofed reverse DNS hostname...

condor: host based authentication does not implement forward-confirmed reverse dns

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOWADMINISTRATOR or ALLOWWRITE by connecting from a system with a spoofed reverse DNS hostname...

CVE-2002-2103

CVE-2002-2103 affects Apache before 1.3.24. When writing to the log file, Apache may record a spoofed hostname from reverse DNS for an IP address, even if a double-reverse lookup fails, allowing remote attackers to hide the original source of activities. The provided documents do not include expl...

RedHat 6.1 / IRIX 6.5.18 - 'lpd' Command Execution

source: https://www.securityfocus.com/bid/927/info Multiple vulnerabilities have been discovered in lpd, shipped with various Linux and Unix distributions. It has been reported that lpd fails to properly authenticate hostnames. This could allow an unauthenticated user to gain access to lpd servic...