MidnightBSD

Advisories for net-dns

CVE-2007-3409 MEDIUM

Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-674,CWE-674,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 6.10
debian debian_linux 3.1
debian debian_linux 4.0
net-dns net::dns *