CVE-2001-1155

TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing.
References
Configurations

Configuration 1 (hide)

cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*

History

16 Feb 2024, 16:51

Type Values Removed Values Added
CVSS v2 : 7.5
v3 : unknown
v2 : 7.5
v3 : 9.8
CPE cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
References () ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:56.tcp_wrappers.asc - Patch, Vendor Advisory () ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:56.tcp_wrappers.asc - Broken Link, Patch, Vendor Advisory
References () http://www.osvdb.org/5454 - () http://www.osvdb.org/5454 - Broken Link
CWE NVD-CWE-Other CWE-863

Information

Published : 2001-08-23 04:00

Updated : 2024-02-16 16:51


NVD link : CVE-2001-1155

Mitre link : CVE-2001-1155

CVE.ORG link : CVE-2001-1155


JSON object : View

Products Affected

freebsd

  • freebsd
CWE
CWE-863

Incorrect Authorization