FreeBSD Security Advisory FreeBSD-SA-01:56 - Tcp_wrappers PARANOID option was not properly implemented and did not provide any more protection than regular host ACL's. This allows an attacker that can influence the results of reverse DNS lookups to get away with providing false information in his dns server.
ad80e6faf5a6c9ffb38faa496b3545f0d0fe76f6e412914ac56ca0b2f075ab46