Denial of Service Vulnerability in Net::DNS Perl Module
CVE-2007-3409

7.5HIGH

Key Information:

Vendor

Nlnet Labs

Status
Net Dns
Vendor
CVE Published:
26 June 2007

What is CVE-2007-3409?

The Net::DNS Perl module versions prior to 0.60 are susceptible to a denial of service vulnerability that can be exploited by remote attackers. This occurs through the transmission of malformed compressed DNS packets containing self-referencing pointers, which can lead to an infinite loop within the module. As a result, an attacker may cause stack consumption, rendering the service unavailable. To mitigate this issue, it is crucial to update to the latest version of the Net::DNS module.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/26231
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/26417
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29354
third-party-advisoryx_refsource_SECUNIA

EPSS Score

12% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.