Search criteria
5 vulnerabilities found for net_dns by nlnet_labs
CVE-2007-3409 (GCVE-0-2007-3409)
Vulnerability from cvelistv5 – Published: 2007-06-26 18:00 – Updated: 2025-01-17 14:42
VLAI?
Summary
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:13.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "26417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26417"
},
{
"name": "29354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29354"
},
{
"name": "26014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26014"
},
{
"name": "26012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26012"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=27285"
},
{
"name": "oval:org.mitre.oval:def:10595",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10595"
},
{
"name": "DSA-1515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"name": "1018376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018376"
},
{
"name": "SUSE-SR:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"name": "26543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26543"
},
{
"name": "USN-483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "MDKSA-2007:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"name": "RHSA-2007:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"name": "26055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26055"
},
{
"name": "26211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26211"
},
{
"name": "26075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26075"
},
{
"name": "24669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24669"
},
{
"name": "37054",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37054"
},
{
"name": "20070701-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "25829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25829"
},
{
"name": "GLSA-200708-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2007-3409",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-07T15:28:48.362608Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T14:42:59.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "26417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26417"
},
{
"name": "29354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29354"
},
{
"name": "26014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26014"
},
{
"name": "26012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26012"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=27285"
},
{
"name": "oval:org.mitre.oval:def:10595",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10595"
},
{
"name": "DSA-1515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"name": "1018376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018376"
},
{
"name": "SUSE-SR:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"name": "26543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26543"
},
{
"name": "USN-483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "MDKSA-2007:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"name": "RHSA-2007:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"name": "26055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26055"
},
{
"name": "26211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26211"
},
{
"name": "26075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26075"
},
{
"name": "24669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24669"
},
{
"name": "37054",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37054"
},
{
"name": "20070701-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "25829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25829"
},
{
"name": "GLSA-200708-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-3409",
"datePublished": "2007-06-26T18:00:00",
"dateReserved": "2007-06-26T00:00:00",
"dateUpdated": "2025-01-17T14:42:59.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3377 (GCVE-0-2007-3377)
Vulnerability from cvelistv5 – Published: 2007-06-25 21:00 – Updated: 2024-08-07 14:14
VLAI?
Summary
Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:12.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "26417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26417"
},
{
"name": "29354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29354"
},
{
"name": "26014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26014"
},
{
"name": "RHSA-2007:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"
},
{
"name": "oval:org.mitre.oval:def:9904",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"
},
{
"name": "26012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26012"
},
{
"name": "DSA-1515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"name": "SUSE-SR:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"name": "26543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26543"
},
{
"name": "netdns-dns-responses-spoofing(35112)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"
},
{
"name": "USN-483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "MDKSA-2007:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"name": "RHSA-2007:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"name": "26055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26055"
},
{
"name": "26211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26211"
},
{
"name": "37053",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37053"
},
{
"name": "26075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26075"
},
{
"name": "1018377",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018377"
},
{
"name": "26508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26508"
},
{
"name": "24669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"
},
{
"name": "20070701-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "25829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25829"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"
},
{
"name": "GLSA-200708-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "26417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26417"
},
{
"name": "29354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29354"
},
{
"name": "26014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26014"
},
{
"name": "RHSA-2007:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"
},
{
"name": "oval:org.mitre.oval:def:9904",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"
},
{
"name": "26012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26012"
},
{
"name": "DSA-1515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"name": "SUSE-SR:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"name": "26543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26543"
},
{
"name": "netdns-dns-responses-spoofing(35112)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"
},
{
"name": "USN-483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "MDKSA-2007:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"name": "RHSA-2007:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"name": "26055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26055"
},
{
"name": "26211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26211"
},
{
"name": "37053",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37053"
},
{
"name": "26075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26075"
},
{
"name": "1018377",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018377"
},
{
"name": "26508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26508"
},
{
"name": "24669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"
},
{
"name": "20070701-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "25829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25829"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"
},
{
"name": "GLSA-200708-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-3377",
"datePublished": "2007-06-25T21:00:00",
"dateReserved": "2007-06-25T00:00:00",
"dateUpdated": "2024-08-07T14:14:12.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3409 (GCVE-0-2007-3409)
Vulnerability from nvd – Published: 2007-06-26 18:00 – Updated: 2025-01-17 14:42
VLAI?
Summary
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:13.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "26417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26417"
},
{
"name": "29354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29354"
},
{
"name": "26014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26014"
},
{
"name": "26012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26012"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=27285"
},
{
"name": "oval:org.mitre.oval:def:10595",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10595"
},
{
"name": "DSA-1515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"name": "1018376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018376"
},
{
"name": "SUSE-SR:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"name": "26543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26543"
},
{
"name": "USN-483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "MDKSA-2007:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"name": "RHSA-2007:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"name": "26055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26055"
},
{
"name": "26211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26211"
},
{
"name": "26075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26075"
},
{
"name": "24669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24669"
},
{
"name": "37054",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37054"
},
{
"name": "20070701-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "25829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25829"
},
{
"name": "GLSA-200708-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2007-3409",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-07T15:28:48.362608Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T14:42:59.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "26417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26417"
},
{
"name": "29354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29354"
},
{
"name": "26014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26014"
},
{
"name": "26012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26012"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=27285"
},
{
"name": "oval:org.mitre.oval:def:10595",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10595"
},
{
"name": "DSA-1515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"name": "1018376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018376"
},
{
"name": "SUSE-SR:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"name": "26543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26543"
},
{
"name": "USN-483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "MDKSA-2007:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"name": "RHSA-2007:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"name": "26055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26055"
},
{
"name": "26211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26211"
},
{
"name": "26075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26075"
},
{
"name": "24669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24669"
},
{
"name": "37054",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37054"
},
{
"name": "20070701-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "25829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25829"
},
{
"name": "GLSA-200708-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-3409",
"datePublished": "2007-06-26T18:00:00",
"dateReserved": "2007-06-26T00:00:00",
"dateUpdated": "2025-01-17T14:42:59.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3377 (GCVE-0-2007-3377)
Vulnerability from nvd – Published: 2007-06-25 21:00 – Updated: 2024-08-07 14:14
VLAI?
Summary
Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:12.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "26417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26417"
},
{
"name": "29354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29354"
},
{
"name": "26014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26014"
},
{
"name": "RHSA-2007:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"
},
{
"name": "oval:org.mitre.oval:def:9904",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"
},
{
"name": "26012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26012"
},
{
"name": "DSA-1515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"name": "SUSE-SR:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"name": "26543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26543"
},
{
"name": "netdns-dns-responses-spoofing(35112)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"
},
{
"name": "USN-483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "MDKSA-2007:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"name": "RHSA-2007:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"name": "26055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26055"
},
{
"name": "26211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26211"
},
{
"name": "37053",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37053"
},
{
"name": "26075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26075"
},
{
"name": "1018377",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018377"
},
{
"name": "26508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26508"
},
{
"name": "24669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"
},
{
"name": "20070701-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "25829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25829"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"
},
{
"name": "GLSA-200708-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "26417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26417"
},
{
"name": "29354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29354"
},
{
"name": "26014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26014"
},
{
"name": "RHSA-2007:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"
},
{
"name": "oval:org.mitre.oval:def:9904",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"
},
{
"name": "26012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26012"
},
{
"name": "DSA-1515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"name": "SUSE-SR:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"name": "26543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26543"
},
{
"name": "netdns-dns-responses-spoofing(35112)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"
},
{
"name": "USN-483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "MDKSA-2007:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"name": "RHSA-2007:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"name": "26055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26055"
},
{
"name": "26211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26211"
},
{
"name": "37053",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37053"
},
{
"name": "26075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26075"
},
{
"name": "1018377",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018377"
},
{
"name": "26508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26508"
},
{
"name": "24669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"
},
{
"name": "20070701-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "25829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25829"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"
},
{
"name": "GLSA-200708-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-3377",
"datePublished": "2007-06-25T21:00:00",
"dateReserved": "2007-06-25T00:00:00",
"dateUpdated": "2024-08-07T14:14:12.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2007-3377
Vulnerability from fkie_nvd - Published: 2007-06-25 21:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc | ||
| secalert@redhat.com | http://osvdb.org/37053 | ||
| secalert@redhat.com | http://rt.cpan.org/Public/Bug/Display.html?id=23961 | ||
| secalert@redhat.com | http://secunia.com/advisories/25829 | ||
| secalert@redhat.com | http://secunia.com/advisories/26012 | ||
| secalert@redhat.com | http://secunia.com/advisories/26014 | ||
| secalert@redhat.com | http://secunia.com/advisories/26055 | ||
| secalert@redhat.com | http://secunia.com/advisories/26075 | ||
| secalert@redhat.com | http://secunia.com/advisories/26211 | ||
| secalert@redhat.com | http://secunia.com/advisories/26231 | ||
| secalert@redhat.com | http://secunia.com/advisories/26417 | ||
| secalert@redhat.com | http://secunia.com/advisories/26508 | ||
| secalert@redhat.com | http://secunia.com/advisories/26543 | ||
| secalert@redhat.com | http://secunia.com/advisories/29354 | ||
| secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm | ||
| secalert@redhat.com | http://www.debian.org/security/2008/dsa-1515 | ||
| secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:146 | ||
| secalert@redhat.com | http://www.net-dns.org/docs/Changes.html | ||
| secalert@redhat.com | http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html | Exploit | |
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2007_17_sr.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0674.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0675.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/473871/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/24669 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1018377 | ||
| secalert@redhat.com | http://www.trustix.org/errata/2007/0023/ | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-483-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458 | Patch | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/35112 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/37053 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rt.cpan.org/Public/Bug/Display.html?id=23961 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25829 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26012 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26014 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26055 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26075 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26211 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26231 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26417 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26543 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29354 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1515 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:146 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.net-dns.org/docs/Changes.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_17_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0674.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0675.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/473871/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/24669 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018377 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2007/0023/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-483-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/35112 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nlnet_labs | net_dns | 0.14 | |
| nlnet_labs | net_dns | 0.20 | |
| nlnet_labs | net_dns | 0.21 | |
| nlnet_labs | net_dns | 0.22 | |
| nlnet_labs | net_dns | 0.23 | |
| nlnet_labs | net_dns | 0.24 | |
| nlnet_labs | net_dns | 0.25 | |
| nlnet_labs | net_dns | 0.26 | |
| nlnet_labs | net_dns | 0.27 | |
| nlnet_labs | net_dns | 0.28 | |
| nlnet_labs | net_dns | 0.29 | |
| nlnet_labs | net_dns | 0.30 | |
| nlnet_labs | net_dns | 0.31 | |
| nlnet_labs | net_dns | 0.32 | |
| nlnet_labs | net_dns | 0.33 | |
| nlnet_labs | net_dns | 0.34 | |
| nlnet_labs | net_dns | 0.34_02 | |
| nlnet_labs | net_dns | 0.34_03 | |
| nlnet_labs | net_dns | 0.35 | |
| nlnet_labs | net_dns | 0.36 | |
| nlnet_labs | net_dns | 0.37 | |
| nlnet_labs | net_dns | 0.38 | |
| nlnet_labs | net_dns | 0.38_01 | |
| nlnet_labs | net_dns | 0.38_02 | |
| nlnet_labs | net_dns | 0.39 | |
| nlnet_labs | net_dns | 0.39_01 | |
| nlnet_labs | net_dns | 0.39_02 | |
| nlnet_labs | net_dns | 0.40 | |
| nlnet_labs | net_dns | 0.40_01 | |
| nlnet_labs | net_dns | 0.41 | |
| nlnet_labs | net_dns | 0.42 | |
| nlnet_labs | net_dns | 0.42_01 | |
| nlnet_labs | net_dns | 0.42_02 | |
| nlnet_labs | net_dns | 0.43 | |
| nlnet_labs | net_dns | 0.44 | |
| nlnet_labs | net_dns | 0.44_01 | |
| nlnet_labs | net_dns | 0.44_02 | |
| nlnet_labs | net_dns | 0.45 | |
| nlnet_labs | net_dns | 0.45_01 | |
| nlnet_labs | net_dns | 0.46 | |
| nlnet_labs | net_dns | 0.47 | |
| nlnet_labs | net_dns | 0.47_01 | |
| nlnet_labs | net_dns | 0.48 | |
| nlnet_labs | net_dns | 0.48_01 | |
| nlnet_labs | net_dns | 0.48_02 | |
| nlnet_labs | net_dns | 0.48_03 | |
| nlnet_labs | net_dns | 0.49 | |
| nlnet_labs | net_dns | 0.49_01 | |
| nlnet_labs | net_dns | 0.49_02 | |
| nlnet_labs | net_dns | 0.49_03 | |
| nlnet_labs | net_dns | 0.50 | |
| nlnet_labs | net_dns | 0.51 | |
| nlnet_labs | net_dns | 0.51_01 | |
| nlnet_labs | net_dns | 0.51_02 | |
| nlnet_labs | net_dns | 0.52 | |
| nlnet_labs | net_dns | 0.53 | |
| nlnet_labs | net_dns | 0.53_01 | |
| nlnet_labs | net_dns | 0.53_02 | |
| nlnet_labs | net_dns | 0.54 | |
| nlnet_labs | net_dns | 0.55 | |
| nlnet_labs | net_dns | 0.56 | |
| nlnet_labs | net_dns | 0.57 | |
| nlnet_labs | net_dns | 0.58 | |
| nlnet_labs | net_dns | 0.59 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3F8288-E80E-4416-A35E-2FC674770306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A27CF043-1321-496B-9108-EE25D02A7F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE8788B-BCCB-41AE-912E-30967CB013C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "2642749C-5775-463C-99BF-65BFA43511D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "93158931-1188-4A3A-9618-807FEE6CF931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "596F8900-AD45-4E67-AAF3-C7FBEE652014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC4ECEB-AF4B-4FD3-84EC-332DCF25DE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "80AD4AD7-0C7C-46D9-BECA-1D976DC8E222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "13A99BD4-93A5-4612-A03F-BC1B96562870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB6C8C7-47BB-469C-9782-85D760EAB7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "99E29E16-B8D4-451B-9220-0F645BE73AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD3E5C6-D78F-49F7-AB3C-1A75EA2D7955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "C9619E0C-CCB2-4E8D-BF5B-23349F8EDFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B76D7C-B71B-4842-99AE-250CD4742113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "AB1B4E8B-A685-4125-AE82-889ECFB11292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA42E24-8E8C-47BF-981D-0DDEACB7C85A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34_02:*:*:*:*:*:*:*",
"matchCriteriaId": "9B251F23-AC12-4D8A-B071-96C32559D555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34_03:*:*:*:*:*:*:*",
"matchCriteriaId": "8427FF13-ACDF-4EA3-B041-8679C24DF168",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "057455DE-C224-4238-82F1-50E6D51EBFF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EB93B5-AF57-49BC-88DB-25EB74C3B47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABE1EFE-DE1E-4911-A59B-1CA18AB29A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EA67D3-F189-4F9B-AAA7-6E52CFC4A6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38_01:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1A8851-EB4A-4975-9074-8E8C4FB4A9FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38_02:*:*:*:*:*:*:*",
"matchCriteriaId": "67F00C99-56DB-42D0-881C-936C4493844C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "C3D66853-458F-4E5C-A776-75A127EBBF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39_01:*:*:*:*:*:*:*",
"matchCriteriaId": "C9614850-6D38-4684-BC1C-26A17E1DC6B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39_02:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0D9A33-AD2D-40A5-A278-A3611AD07650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.40:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FE09B3-246E-4D0E-892B-F293D5A89E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.40_01:*:*:*:*:*:*:*",
"matchCriteriaId": "86A242D8-C384-4B4F-802D-2F2A47D37347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E72969-C499-4A21-A249-CBE8B4A6AEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42:*:*:*:*:*:*:*",
"matchCriteriaId": "3637217F-DD9F-4B0B-8770-78C8368A1BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42_01:*:*:*:*:*:*:*",
"matchCriteriaId": "C206339B-FFAC-41BC-BF58-168582B98DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42_02:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEE87CB-CC27-4718-9ECA-496AD6FDD657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "F851BEDF-79E7-40C9-9096-7E2AB3E3AB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44:*:*:*:*:*:*:*",
"matchCriteriaId": "4F172DE4-0A0B-4888-AB2D-5F6158BC55CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44_01:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDC9C0-38BA-4B3F-9FC1-1C961EBF74F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44_02:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA63AAD-BA74-4417-ACBD-3F382227B643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "F9DAE58A-FED6-47E6-A43A-6971C7FFEEA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.45_01:*:*:*:*:*:*:*",
"matchCriteriaId": "3C237741-9665-4678-B119-E229EC5445B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC6C3E1-1FCC-4364-BD70-DCDC5A5D6599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7003DD-CEA4-4E53-86C9-E5E0F040056F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.47_01:*:*:*:*:*:*:*",
"matchCriteriaId": "5F47455B-6516-4477-9123-CD1FA56E2F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "AE8D9F69-0897-49D4-8AD0-B6DF3610E1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_01:*:*:*:*:*:*:*",
"matchCriteriaId": "53FB0CED-224E-4B13-8A97-1DFF1DBAB1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_02:*:*:*:*:*:*:*",
"matchCriteriaId": "31CE516C-4E9E-4F6C-8ED7-EF47D7E00F05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_03:*:*:*:*:*:*:*",
"matchCriteriaId": "32FA55F4-FCE0-4F4E-8E43-E000483BC6D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "E2776464-CCA5-40DF-B11B-D1D2FE39E08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_01:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7F6BF8-F24C-476A-9736-F1B5337D190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_02:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB40C38-F0EF-4A63-93B8-9DF4E1E4516E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_03:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80294C-5546-4801-BFA3-C316EBF5140B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B162F4-E7BD-40B8-86AB-9862BD9DDEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "ED8B1126-9489-477F-A032-0757778EEED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51_01:*:*:*:*:*:*:*",
"matchCriteriaId": "2E1A150A-01B7-4BC2-B771-CE70F6AD5FFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51_02:*:*:*:*:*:*:*",
"matchCriteriaId": "12C0A474-00CA-4973-8AE6-1AC2C972E6A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "AED1EED7-0F3D-497A-ADDE-99CD7749DCC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "90355ECD-5083-49D4-9D17-BBF76EF17160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53_01:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E6042D-4C88-4C9E-9268-4C84092CD0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53_02:*:*:*:*:*:*:*",
"matchCriteriaId": "466B49C9-1C53-40FA-BEA4-9BC3B87B6687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "2C424C72-72CB-4866-893C-B671123A294D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "53A12927-4F5A-4203-BB82-8AD4439C309D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DAB395FD-E16E-4C57-AD68-5B0224992277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "65F4CB9D-1F87-4A5E-A333-8DEFFE94488C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "4A071802-7789-4A3C-8749-34973F304EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "A9CE8038-1F5B-4F58-8981-F3A9DEFFE3A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin."
},
{
"lang": "es",
"value": "Header.pm en Net::DNS anterior a 0.60, un m\u00f3dulo de Perl, (1) genera una secuencia predecible de IDs con un incremento fijo y (2) puede usar el mismo ID de inicio para todos los procesos hijos de un servidor de procesos (forking server), lo cual permite a atacantes remotos falsificar respuestas DNS, como fue reportado originalmente por qpsmtp y spamassassin."
}
],
"id": "CVE-2007-3377",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-25T21:30:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/37053"
},
{
"source": "secalert@redhat.com",
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25829"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26012"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26014"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26055"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26075"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26211"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26231"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26417"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26543"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/29354"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"source": "secalert@redhat.com",
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/24669"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1018377"
},
{
"source": "secalert@redhat.com",
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.net-dns.org/docs/Changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-483-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}