[Secure-testing-team] Bug#702914: libnet-server-perl: CVE-2013-1841: Improper reverse DNS matching check for the given hostname
Salvatore Bonaccorso
carnil at debian.org
Tue Mar 12 21:52:40 UTC 2013
Package: libnet-server-perl
Severity: important
Tags: security
Control: forwarded -1 https://rt.cpan.org/Ticket/Display.html?id=83909
Hi
It was reported to the oss-security list[1] that libnet-server-perl
does not check the reverse DNS lookup hostname again by doing a
forward lookup and checking that it matches the original ip.
[1]: http://www.openwall.com/lists/oss-security/2013/03/04/10
See also
[2]: https://security-tracker.debian.org/CVE-2013-1841
[3]: https://rt.cpan.org/Ticket/Display.html?id=83909
Regards,
Salvatore
More information about the Secure-testing-team
mailing list