Perl Net::DNS Perdicatable Sequence IDs Let Remote Users Spoof DNS Responses
|
|
SecurityTracker Alert ID: 1018377
|
|
SecurityTracker URL: http://securitytracker.com/id?1018377
|
|
CVE Reference: CVE-2007-3377
(Links to External Site)
|
Updated: Jul 13 2007
|
Original Entry Date: Jul 12 2007
|
Impact: Modification of user information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): prior to 0.60
|
Description: A vulnerability was reported in Perl Net::DNS. A remote user can spoof DNS responses.
The 'Header.pm' component generates predictable sequence IDs and uses the same starting ID for all child processes of a forking server. A remote user can spoof DNS responses.
|
Impact: A remote user can spoof DNS responses.
|
Solution: The vendor has issued a fixed version (0.60).
|
Vendor URL: www.net-dns.org/ (Links to External Site)
|
Cause: Randomization error
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Thu, 12 Jul 2007 11:19:40 -0400
Subject: Net::DNS
|
CVE-2007-3377
CVE said:
Header.pm in before 0.60, a Perl module, (1) generates predictable sequence IDs with a
fixed increment and (2) can use the same starting ID for all child processes of a
forking server, which allows remote attackers to spoof DNS responses, as originally
reported for qpsmtp and spamassassin.
|
|
