Launchpad.net

CVE 2013-1841

Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter.

See the CVE page on Mitre.org for more details.