Lucene search
K

738 matches found

Vulnrichment
Vulnrichment
added 2007/06/26 6:0 p.m.10 views

CVE-2007-3409

Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service stack consumption via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop...

6.7AI score0.03489EPSS
Exploits0References25
CVE
CVE
added 2007/06/26 6:0 p.m.96 views

CVE-2007-3409

CVE-2007-3409 affects the Perl module Net::DNS prior to version 0.60. The vulnerability stems from parsing a malformed compressed DNS packet with self-referencing pointers, which can trigger an infinite loop and cause denial of service (stack consumption/availability impact). Connected advisories...

7.5CVSS7.2AI score0.03489EPSS
Exploits0References25Affected Software1
Debian CVE
Debian CVE
added 2007/06/26 6:0 p.m.24 views

CVE-2007-3409

Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service stack consumption via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop...

7.5CVSS6.1AI score0.03489EPSS
Exploits0
Prion
Prion
added 2007/06/25 9:30 p.m.12 views

Code injection

Header.pm in Net::DNS before 0.60, a Perl module, 1 generates predictable sequence IDs with a fixed increment and 2 can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin...

4.3CVSS6.3AI score0.02049EPSS
Exploits1References31Affected Software1
UbuntuCve
UbuntuCve
added 2007/06/25 9:30 p.m.17 views

CVE-2007-3377

Header.pm in Net::DNS before 0.60, a Perl module, 1 generates predictable sequence IDs with a fixed increment and 2 can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin...

4.3CVSS5.9AI score0.02049EPSS
Exploits1References2
OSV
OSV
added 2007/06/25 9:30 p.m.6 views

CVE-2007-3377

Header.pm in Net::DNS before 0.60, a Perl module, 1 generates predictable sequence IDs with a fixed increment and 2 can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin...

7.4AI score
Exploits0References31
Debian CVE
Debian CVE
added 2007/06/25 9:0 p.m.26 views

CVE-2007-3377

Header.pm in Net::DNS before 0.60, a Perl module, 1 generates predictable sequence IDs with a fixed increment and 2 can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin...

4.3CVSS6.3AI score0.02049EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2007/06/14 10:9 a.m.4 views

mod_perl PerlRun denial of service

PerlRun.pm in Apache modperl before 1.30, and RegistryCooker.pm in modperl 2.x, does not properly escape PATHINFO before use in a regular expression, which allows remote attackers to cause a denial of service resource consumption via a crafted URI...

5CVSS7.4AI score0.10111EPSS
Exploits0References4
NVD
NVD
added 2007/05/02 6:19 p.m.11 views

CVE-2007-2459

Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...

7.8CVSS7.9AI score0.04926EPSS
Exploits0References11
Prion
Prion
added 2007/05/02 6:19 p.m.13 views

Heap overflow

Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...

7.8CVSS8.3AI score0.04926EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2007/05/02 6:19 p.m.5 views

CVE-2007-2459

Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...

7.9AI score
Exploits0References11
Cvelist
Cvelist
added 2007/05/02 6:0 p.m.14 views

CVE-2007-2459

Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...

7.8AI score0.04926EPSS
Exploits0References11
CVE
CVE
added 2007/05/02 6:0 p.m.58 views

CVE-2007-2459

CVE-2007-2459 describes a heap-based buffer overflow in libimager-perl’s BMP reader (bmp.c), affecting 0.45–0.56 and potentially enabling remote code execution or a denial of service via crafted 8‑bit/pixel compressed BMP files. Public records in Debian/DSA-1498-1 indicate a fixed version (0.50-1...

7.8CVSS7.8AI score0.04926EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2007/05/02 6:0 p.m.29 views

CVE-2007-2459

Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...

7.8CVSS7.7AI score0.04926EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.21 views

Debian DSA-960-3 : libmail-audit-perl - insecure temporary file creation

The former update caused temporary files to be created in the current working directory due to a wrong function argument. This update will create temporary files in the users home directory if HOME is set or in the common temporary directory otherwise, usually /tmp. For completeness below is a co...

2.1CVSS5.4AI score0.00353EPSS
Exploits0References3
OSV
OSV
added 2006/07/24 12:0 a.m.13 views

DSA-1122 libnet-server-perl - format string

Bulletin has no description...

5CVSS6.3AI score0.02698EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/03/17 12:0 a.m.27 views

Crypt::CBC: Insecure initialization vector

Background Crypt::CBC is a Perl module to encrypt data using cipher block chaining CBC. Description Lincoln Stein discovered that Crypt::CBC fails to handle 16 bytes long initializiation vectors correctly when running in the RandomIV mode, resulting in a weaker encryption because the second part ...

2.6CVSS6.4AI score0.01397EPSS
Exploits0
OSV
OSV
added 2006/02/25 11:2 a.m.7 views

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

6.4AI score
Exploits0References14
UbuntuCve
UbuntuCve
added 2006/02/25 11:2 a.m.23 views

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

2.6CVSS5.9AI score0.01397EPSS
Exploits0References1
Prion
Prion
added 2006/02/25 11:2 a.m.12 views

Code injection

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

2.6CVSS6.5AI score0.01397EPSS
Exploits0References14Affected Software1
Rows per page
Query Builder