Ubuntu 6.06 LTS / 6.10 : libnet-dns-perl vulnerabilities (USN-483-1)

Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. CVE-2007-3377 Steffen Ullrich discovered that the Net::DNS Perl module did not correctly...

Net::DNS: Multiple vulnerabilities

Background Net::DNS is a Perl implementation of a DNS resolver. Description hjp discovered an error when handling DNS query IDs which make them partially predictable. Steffen Ullrich discovered an error in the dnexpand function which could lead to an endless loop. Impact A remote attacker could...