CVE-2007-6341
published 2007-12-20CVE-2007-6341: Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program…
PriorityP423medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
9.55%
94.9th percentile
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libnet-dns-perl | < libnet-dns-perl 0.63-1 (bookworm) | libnet-dns-perl 0.63-1 (bookworm) |
| net_dns | net_dns | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
libnet-dns-perl vulnerability
vendor_ubuntu·2008-03-26
CVE-2007-6341 libnet-dns-perl vulnerability
Title: libnet-dns-perl vulnerability
Summary: libnet-dns-perl vulnerability
It was discovered that Net::DNS did not correctly validate the size
of DNS replies. A remote attacker could send a specially crafted DNS
response and cause applications using Net::DNS to abort, leading to a
denial of service.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Red Hat
Net:: DNS
vendor_redhat·2007-10-28·CVSS 5.0
CVE-2007-6341 [MEDIUM] Net:: DNS
Net:: DNS
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response.
Statement: Red Hat does not consider this flaw to be a security issue. For more information please see:
https://bugzilla.redhat.com/show_bug.cgi?id=426437
Debian
CVE-2007-6341: libnet-dns-perl - Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssa...
vendor_debian·2007·CVSS 5.0
CVE-2007-6341 [MEDIUM] CVE-2007-6341: libnet-dns-perl - Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssa...
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response.
Scope: local
bookworm: resolved (fixed in 0.63-1)
bullseye: resolved (fixed in 0.63-1)
forky: resolved (fixed in 0.63-1)
sid: resolved (fixed in 0.63-1)
trixie: resolved (fixed in 0.63-1)
GHSA
GHSA-84q5-9px8-9m43: Net/DNS/RR/A
ghsa_unreviewed·2022-05-01
CVE-2007-6341 [MEDIUM] CWE-119 GHSA-84q5-9px8-9m43: Net/DNS/RR/A
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response.
OSV
CVE-2007-6341: Net/DNS/RR/A
osv·2007-12-20·CVSS 5.0
CVE-2007-6341 [MEDIUM] CVE-2007-6341: Net/DNS/RR/A
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response.
No detection rules found.
http://search.cpan.org/src/OLAF/Net-DNS-0.63/Changeshttp://secunia.com/advisories/29343http://secunia.com/advisories/29354http://secunia.com/advisories/29446http://secunia.com/advisories/29555http://www.debian.org/security/2008/dsa-1515http://www.mandriva.com/security/advisories?name=MDVSA-2008:073http://www.securiteam.com/unixfocus/6I00E0UKKQ.htmlhttp://www.securityfocus.com/bid/26902http://www.securitytracker.com/id?1019104https://rt.cpan.org/Public/Bug/Display.html?id=30316https://usn.ubuntu.com/594-1/http://search.cpan.org/src/OLAF/Net-DNS-0.63/Changeshttp://secunia.com/advisories/29343http://secunia.com/advisories/29354http://secunia.com/advisories/29446http://secunia.com/advisories/29555http://www.debian.org/security/2008/dsa-1515http://www.mandriva.com/security/advisories?name=MDVSA-2008:073http://www.securiteam.com/unixfocus/6I00E0UKKQ.htmlhttp://www.securityfocus.com/bid/26902http://www.securitytracker.com/id?1019104https://rt.cpan.org/Public/Bug/Display.html?id=30316https://usn.ubuntu.com/594-1/
2007-12-20
Published