CVE-2007-6341

2007-12-2000:00:00

ubuntu.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.186

Percentile

96.3%

JSON

Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as
SpamAssassin and OTRS, allows remote attackers to cause a denial of service
(program “croak”) via a crafted DNS response.

Notes

Author	Note
jdstrand	securiteam.com has reproducer should be fixed in 0.63-- check here http://www.net-dns.org/docs/Changes.html

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchlibnet-dns-perl< 0.53-2ubuntu1.1UNKNOWN
ubuntu6.10noarchlibnet-dns-perl< 0.57-1ubuntu1.1UNKNOWN
ubuntu7.04noarchlibnet-dns-perl< 0.59-1ubuntu0.2UNKNOWN
ubuntu7.10noarchlibnet-dns-perl< 0.60-1ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	libnet-dns-perl	< 0.53-2ubuntu1.1	UNKNOWN
ubuntu	6.10	noarch	libnet-dns-perl	< 0.57-1ubuntu1.1	UNKNOWN
ubuntu	7.04	noarch	libnet-dns-perl	< 0.59-1ubuntu0.2	UNKNOWN
ubuntu	7.10	noarch	libnet-dns-perl	< 0.60-1ubuntu0.1	UNKNOWN