Advisories » MGASA-2023-0120

Updated perl-Net-Server packages fix security vulnerability

Publication date: 31 Mar 2023
Modification date: 30 Mar 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2013-1841

Description

Net-Server, when the reverse-lookups option is enabled, does not check if
the hostname resolves to the source IP address, which might allow remote
attackers to bypass ACL restrictions via the hostname parameter.
(CVE-2013-1841)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31678
• https://lists.suse.com/pipermail/sle-security-updates/2023-March/014043.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1841

SRPMS

8/core

• perl-Net-Server-2.9.0-5.1.mga8