Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-3409

Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.

Related bugs and status

CVE-2007-3409 (Candidate) is related to these bugs:

Bug #125236: Bugs in dn_expand (XS and PP) on mailformed packages

		In	Importance	Status
125236	Bugs in dn_expand (XS and PP) on mailformed packages	libnet-dns-perl (Ubuntu)	High	Fix Released
125236	Bugs in dn_expand (XS and PP) on mailformed packages	libnet-dns-perl (Ubuntu Feisty)	High	Fix Released
125236	Bugs in dn_expand (XS and PP) on mailformed packages	libnet-dns-perl (Ubuntu Dapper)	High	Fix Released
125236	Bugs in dn_expand (XS and PP) on mailformed packages	libnet-dns-perl (Ubuntu Edgy)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securitytra...
MISC: http://www.trustix.org...
MISC: ftp://patches.sgi.com/...
MISC: http://www.securityfoc...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://osvdb.org/37054
MISC: http://www.debian.org/...
MISC: http://www.gentoo.org/...
MISC: http://www.mandriva.co...
MISC: http://www.redhat.com/...
MISC: http://www.novell.com/...
MISC: http://www.ubuntu.com/...
MISC: http://rt.cpan.org/Pub...
MISC: http://www.net-dns.org...
MISC: https://oval.cisecurit...