CVE-2007-3377

Published Jun 25, 2007
Last updated 6 years ago
CVSS info 4.3
Overview

Description: Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: NVD-CWE-Other
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A3F8288-E80E-4416-A35E-2FC674770306"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A27CF043-1321-496B-9108-EE25D02A7F3C"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FE8788B-BCCB-41AE-912E-30967CB013C6"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2642749C-5775-463C-99BF-65BFA43511D8"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93158931-1188-4A3A-9618-807FEE6CF931"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "596F8900-AD45-4E67-AAF3-C7FBEE652014"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFC4ECEB-AF4B-4FD3-84EC-332DCF25DE2F"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80AD4AD7-0C7C-46D9-BECA-1D976DC8E222"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13A99BD4-93A5-4612-A03F-BC1B96562870"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBB6C8C7-47BB-469C-9782-85D760EAB7F1"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99E29E16-B8D4-451B-9220-0F645BE73AF6"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AD3E5C6-D78F-49F7-AB3C-1A75EA2D7955"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9619E0C-CCB2-4E8D-BF5B-23349F8EDFB3"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1B76D7C-B71B-4842-99AE-250CD4742113"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB1B4E8B-A685-4125-AE82-889ECFB11292"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AA42E24-8E8C-47BF-981D-0DDEACB7C85A"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B251F23-AC12-4D8A-B071-96C32559D555"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34_03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8427FF13-ACDF-4EA3-B041-8679C24DF168"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "057455DE-C224-4238-82F1-50E6D51EBFF7"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8EB93B5-AF57-49BC-88DB-25EB74C3B47E"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ABE1EFE-DE1E-4911-A59B-1CA18AB29A4F"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1EA67D3-F189-4F9B-AAA7-6E52CFC4A6E9"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D1A8851-EB4A-4975-9074-8E8C4FB4A9FE"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67F00C99-56DB-42D0-881C-936C4493844C"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3D66853-458F-4E5C-A776-75A127EBBF80"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9614850-6D38-4684-BC1C-26A17E1DC6B5"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD0D9A33-AD2D-40A5-A278-A3611AD07650"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3FE09B3-246E-4D0E-892B-F293D5A89E93"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.40_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86A242D8-C384-4B4F-802D-2F2A47D37347"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4E72969-C499-4A21-A249-CBE8B4A6AEE9"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3637217F-DD9F-4B0B-8770-78C8368A1BA4"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C206339B-FFAC-41BC-BF58-168582B98DED"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDEE87CB-CC27-4718-9ECA-496AD6FDD657"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.43:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F851BEDF-79E7-40C9-9096-7E2AB3E3AB4B"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F172DE4-0A0B-4888-AB2D-5F6158BC55CD"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DACDC9C0-38BA-4B3F-9FC1-1C961EBF74F6"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AA63AAD-BA74-4417-ACBD-3F382227B643"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.45:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9DAE58A-FED6-47E6-A43A-6971C7FFEEA5"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.45_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C237741-9665-4678-B119-E229EC5445B8"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.46:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCC6C3E1-1FCC-4364-BD70-DCDC5A5D6599"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.47:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F7003DD-CEA4-4E53-86C9-E5E0F040056F"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.47_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F47455B-6516-4477-9123-CD1FA56E2F6A"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE8D9F69-0897-49D4-8AD0-B6DF3610E1AE"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53FB0CED-224E-4B13-8A97-1DFF1DBAB1DA"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31CE516C-4E9E-4F6C-8ED7-EF47D7E00F05"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32FA55F4-FCE0-4F4E-8E43-E000483BC6D8"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2776464-CCA5-40DF-B11B-D1D2FE39E08B"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D7F6BF8-F24C-476A-9736-F1B5337D190D"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FB40C38-F0EF-4A63-93B8-9DF4E1E4516E"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC80294C-5546-4801-BFA3-C316EBF5140B"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5B162F4-E7BD-40B8-86AB-9862BD9DDEAC"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED8B1126-9489-477F-A032-0757778EEED1"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E1A150A-01B7-4BC2-B771-CE70F6AD5FFF"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12C0A474-00CA-4973-8AE6-1AC2C972E6A1"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.52:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AED1EED7-0F3D-497A-ADDE-99CD7749DCC6"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90355ECD-5083-49D4-9D17-BBF76EF17160"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0E6042D-4C88-4C9E-9268-4C84092CD0BF"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "466B49C9-1C53-40FA-BEA4-9BC3B87B6687"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.54:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C424C72-72CB-4866-893C-B671123A294D"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.55:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53A12927-4F5A-4203-BB82-8AD4439C309D"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.56:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAB395FD-E16E-4C57-AD68-5B0224992277"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.57:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65F4CB9D-1F87-4A5E-A333-8DEFFE94488C"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.58:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A071802-7789-4A3C-8749-34973F304EB2"
          },
          {
            "criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.59:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9CE8038-1F5B-4F58-8981-F3A9DEFFE3A1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
