Ubuntu Update For Libnet-dns-perl Vulnerabilities USN-483-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-483-1

Solution

Please Install the Updated Packages.

Insight

Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. (CVE-2007-3377) Steffen Ullrich discovered that the Net::DNS Perl module did not correctly detect recursive compressed responses. A remote attacker could send a specially crafted packet, causing applications using Net::DNS to crash or monopolize CPU resources, leading to a denial of service. (CVE-2007-3409)

Affected

libnet-dns-perl vulnerabilities on Ubuntu 6.06 LTS , Ubuntu 6.10

Severity

Classification

CVE CVE-2007-3377, CVE-2007-3409
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for apt USN-1169-1
Ubuntu Update for curl USN-2474-1
Ubuntu Update for awstats vulnerability USN-1047-1
Ubuntu Update for acpi-support USN-2297-1
Ubuntu Update for curl USN-2346-1

Ubuntu Update for libnet-dns-perl vulnerabilities USN-483-1

Take action and discover your vulnerabilities