Published: 25/06/2007 Updated: 16/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Header.pm in Net::DNS prior to 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote malicious users to spoof DNS responses, as originally reported for qpsmtp and spamassassin.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nlnet labs net dns 0.14
nlnet labs net dns 0.20
nlnet labs net dns 0.28
nlnet labs net dns 0.29
nlnet labs net dns 0.34_03
nlnet labs net dns 0.35
nlnet labs net dns 0.39_01
nlnet labs net dns 0.39_02
nlnet labs net dns 0.44
nlnet labs net dns 0.44_01
nlnet labs net dns 0.48
nlnet labs net dns 0.48_01
nlnet labs net dns 0.50
nlnet labs net dns 0.51
nlnet labs net dns 0.55
nlnet labs net dns 0.56
nlnet labs net dns 0.21
nlnet labs net dns 0.22
nlnet labs net dns 0.30
nlnet labs net dns 0.31
nlnet labs net dns 0.36
nlnet labs net dns 0.37
nlnet labs net dns 0.40
nlnet labs net dns 0.40_01
nlnet labs net dns 0.41
nlnet labs net dns 0.44_02
nlnet labs net dns 0.45
nlnet labs net dns 0.48_02
nlnet labs net dns 0.48_03
nlnet labs net dns 0.51_01
nlnet labs net dns 0.51_02
nlnet labs net dns 0.52
nlnet labs net dns 0.57
nlnet labs net dns 0.58
nlnet labs net dns 0.26
nlnet labs net dns 0.27
nlnet labs net dns 0.34
nlnet labs net dns 0.34_02
nlnet labs net dns 0.38_02
nlnet labs net dns 0.39
nlnet labs net dns 0.42_02
nlnet labs net dns 0.43
nlnet labs net dns 0.47
nlnet labs net dns 0.47_01
nlnet labs net dns 0.49_02
nlnet labs net dns 0.49_03
nlnet labs net dns 0.53_02
nlnet labs net dns 0.54
nlnet labs net dns 0.23
nlnet labs net dns 0.24
nlnet labs net dns 0.25
nlnet labs net dns 0.32
nlnet labs net dns 0.33
nlnet labs net dns 0.38
nlnet labs net dns 0.38_01
nlnet labs net dns 0.42
nlnet labs net dns 0.42_01
nlnet labs net dns 0.45_01
nlnet labs net dns 0.46
nlnet labs net dns 0.49
nlnet labs net dns 0.49_01
nlnet labs net dns 0.53
nlnet labs net dns 0.53_01
nlnet labs net dns 0.59

Debian Bug report logs - #457445 libnet-dns-perl: CVE-2007-6341 possible remote denial of service vulnerability Package: libnet-dns-perl; Maintainer for libnet-dns-perl is Debian Perl Group <pkg-perl-maintainers@listsaliothdebianorg>; Source for libnet-dns-perl is src:libnet-dns-perl (PTS, buildd, popcon) Reported by: Nic ...

Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks (CVE-2007-3377) ...

CVE-2007-3377

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect