FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-3409

This CVE name corresponds to:

Entered Topic
2007-07-28 p5-Net-DNS -- multiple Vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-3409 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-3409
Phase Assigned(20070626)

Description

Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.

References

Source Reference
BUGTRAQ 20070717 rPSA-2007-0142-1 perl-Net-DNS
CONFIRM http://rt.cpan.org/Public/Bug/Display.html?id=27285
CONFIRM http://www.net-dns.org/docs/Changes.html
DEBIAN DSA-1515
GENTOO GLSA-200708-06
MANDRIVA MDKSA-2007:146
REDHAT RHSA-2007:0674
SGI 20070701-01-P
SUSE SUSE-SR:2007:017
TRUSTIX 2007-0023
UBUNTU USN-483-1
BID 24669
OSVDB 37054
OVAL oval:org.mitre.oval:def:10595
SECTRACK 1018376
SECUNIA 25829
SECUNIA 26014
SECUNIA 26055
SECUNIA 26012
SECUNIA 26075
SECUNIA 26211
SECUNIA 26231
SECUNIA 26417
SECUNIA 26543
SECUNIA 29354

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.