CVE-2007-3377
Published 2007-06-25
Priority P417 · medium · 4.3 · CVSS 2.0
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS: 2.05% (78.8th percentile)
Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.
Affected
65 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libnet-dns-perl | < libnet-dns-perl 0.60-1 (bookworm) | libnet-dns-perl 0.60-1 (bookworm) |
| nlnet_labs | net_dns | — | — |
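CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| osv | — | 4.3 | MEDIUM | — |
| vendor_debian | — | 4.3 | LOW | — |
| vendor_redhat | — | 4.3 | MEDIUM | — |
| vendor_ubuntu | — | 4.3 | MEDIUM | — |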
Ubuntu
libnet-dns-perl vulnerabilities
vendor_ubuntu·2007-07-13·CVSS 4.3
Peter Johannes Holzer discovered that the Net::DNS Perl module had
predictable sequence numbers. This could allow remote attackers to
carry out DNS spoofing, leading to possible machine-in-the-middle attacks.
(CVE-2007-3377)
Steffen Ullrich discovered that the Net::DNS Perl module did not correctly
detect recursive compressed responses. A remote attacker could send a
specially crafted packet, causing applications using Net::DNS to crash or
monopolize CPU resources, leading to a denial of service. (CVE-2007-3409)
Instructions: After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
Debian
CVE-2007-3377: libnet-dns-perl - Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequ...
vendor_debian·2007·CVSS 4.3
Scope: local
bookworm: resolved (fixed in 0.60-1)
bullseye: resolved (fixed in 0.60-1)
forky: resolved (fixed in 0.60-1)
sid: resolved (fixed in 0.60-1)
trixie: resolved (fixed in 0.60-1)
Red Hat
perl-Net-DNS security issue
vendor_redhat·2006-12-22·CVSS 4.3
GHSA
GHSA-2mqm-w9vq-9c5r: Header
ghsa_unreviewed·2022-05-03
OSV
CVE-2007-3377: Header
osv·2007-06-25·CVSS 4.3
No detection rules found.
No public exploits indexed.