Ubuntu Update For Libnet-dns-perl Vulnerabilities USN-483-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-483-1

Solution

Please Install the Updated Packages.

Insight

Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. (CVE-2007-3377) Steffen Ullrich discovered that the Net::DNS Perl module did not correctly detect recursive compressed responses. A remote attacker could send a specially crafted packet, causing applications using Net::DNS to crash or monopolize CPU resources, leading to a denial of service. (CVE-2007-3409)

Affected

libnet-dns-perl vulnerabilities on Ubuntu 6.06 LTS , Ubuntu 6.10

Severity

Classification

CVE CVE-2007-3377, CVE-2007-3409

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for apt USN-1169-1
Ubuntu Update for bind9 vulnerabilities USN-1025-1
Ubuntu Update for cups USN-2144-1
Ubuntu Update for clamav vulnerability USN-986-2
Ubuntu Update for clamav USN-1482-3

Ubuntu Update for libnet-dns-perl vulnerabilities USN-483-1

Take action and discover your vulnerabilities