Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-3377

Опубликовано: 25 июн. 2007
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:nlnet_labs:net_dns:0.14:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.20:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.21:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.22:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.23:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.24:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.25:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.26:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.27:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.28:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.29:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.30:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.31:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.32:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.33:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.34:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.34_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.34_03:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.35:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.36:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.37:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.38:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.38_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.38_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.39:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.39_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.39_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.40:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.40_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.41:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.42:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.42_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.42_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.43:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.44:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.44_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.44_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.45:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.45_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.46:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.47:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.47_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.48:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.48_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.48_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.48_03:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.49:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.49_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.49_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.49_03:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.50:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.51:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.51_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.51_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.52:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.53:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.53_01:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.53_02:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.54:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.55:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.56:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.57:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.58:*:*:*:*:*:*:*
cpe:2.3:a:nlnet_labs:net_dns:0.59:*:*:*:*:*:*:*

EPSS

Процентиль: 85%
0.02766
Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu
около 18 лет назад

Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.

redhat
больше 18 лет назад

Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.

debian
около 18 лет назад

Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predic ...

github
больше 3 лет назад

Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.

oracle-oval
около 18 лет назад

ELSA-2007-0674: Moderate: perl-Net-DNS security update (MODERATE)

EPSS

Процентиль: 85%
0.02766
Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other