{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-06-25T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "26231", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26231"}, {"name": "26417", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26417"}, {"name": "29354", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29354"}, {"name": "26014", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26014"}, {"name": "RHSA-2007:0675", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"}, {"name": "oval:org.mitre.oval:def:9904", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"}, {"name": "26012", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26012"}, {"name": "DSA-1515", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1515"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.net-dns.org/docs/Changes.html"}, {"name": "SUSE-SR:2007:017", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"}, {"name": "26543", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26543"}, {"name": "netdns-dns-responses-spoofing(35112)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"}, {"name": "USN-483-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-483-1"}, {"name": "2007-0023", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2007/0023/"}, {"name": "MDKSA-2007:146", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"}, {"name": "RHSA-2007:0674", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"}, {"name": "26055", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26055"}, {"name": "26211", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26211"}, {"name": "37053", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/37053"}, {"name": "26075", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26075"}, {"name": "1018377", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018377"}, {"name": "26508", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26508"}, {"name": "24669", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24669"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"}, {"name": "20070701-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"}, {"name": "25829", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25829"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"}, {"name": "GLSA-200708-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"}, {"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:14:12.944Z"}, "title": "CVE Program Container", "references": [{"name": "26231", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26231"}, {"name": "26417", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26417"}, {"name": "29354", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29354"}, {"name": "26014", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26014"}, {"name": "RHSA-2007:0675", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"}, {"name": "oval:org.mitre.oval:def:9904", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"}, {"name": "26012", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26012"}, {"name": "DSA-1515", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1515"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.net-dns.org/docs/Changes.html"}, {"name": "SUSE-SR:2007:017", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"}, {"name": "26543", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26543"}, {"name": "netdns-dns-responses-spoofing(35112)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"}, {"name": "USN-483-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-483-1"}, {"name": "2007-0023", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2007/0023/"}, {"name": "MDKSA-2007:146", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"}, {"name": "RHSA-2007:0674", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"}, {"name": "26055", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26055"}, {"name": "26211", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26211"}, {"name": "37053", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/37053"}, {"name": "26075", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26075"}, {"name": "1018377", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018377"}, {"name": "26508", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26508"}, {"name": "24669", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24669"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"}, {"name": "20070701-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"}, {"name": "25829", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25829"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"}, {"name": "GLSA-200708-06", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"}, {"name": "20070717 rPSA-2007-0142-1 perl-Net-DNS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-3377", "datePublished": "2007-06-25T21:00:00.000Z", "dateReserved": "2007-06-25T00:00:00.000Z", "dateUpdated": "2024-08-07T14:14:12.944Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.14:*:*:*:*:*:*:*", "matchCriteriaId": "2A3F8288-E80E-4416-A35E-2FC674770306", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.20:*:*:*:*:*:*:*", "matchCriteriaId": "A27CF043-1321-496B-9108-EE25D02A7F3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.21:*:*:*:*:*:*:*", "matchCriteriaId": "7FE8788B-BCCB-41AE-912E-30967CB013C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.22:*:*:*:*:*:*:*", "matchCriteriaId": "2642749C-5775-463C-99BF-65BFA43511D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.23:*:*:*:*:*:*:*", "matchCriteriaId": "93158931-1188-4A3A-9618-807FEE6CF931", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.24:*:*:*:*:*:*:*", "matchCriteriaId": "596F8900-AD45-4E67-AAF3-C7FBEE652014", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.25:*:*:*:*:*:*:*", "matchCriteriaId": "FFC4ECEB-AF4B-4FD3-84EC-332DCF25DE2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "80AD4AD7-0C7C-46D9-BECA-1D976DC8E222", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.27:*:*:*:*:*:*:*", "matchCriteriaId": "13A99BD4-93A5-4612-A03F-BC1B96562870", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.28:*:*:*:*:*:*:*", "matchCriteriaId": "BBB6C8C7-47BB-469C-9782-85D760EAB7F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.29:*:*:*:*:*:*:*", "matchCriteriaId": "99E29E16-B8D4-451B-9220-0F645BE73AF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.30:*:*:*:*:*:*:*", "matchCriteriaId": "6AD3E5C6-D78F-49F7-AB3C-1A75EA2D7955", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.31:*:*:*:*:*:*:*", "matchCriteriaId": "C9619E0C-CCB2-4E8D-BF5B-23349F8EDFB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.32:*:*:*:*:*:*:*", "matchCriteriaId": "F1B76D7C-B71B-4842-99AE-250CD4742113", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "AB1B4E8B-A685-4125-AE82-889ECFB11292", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "0AA42E24-8E8C-47BF-981D-0DDEACB7C85A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34_02:*:*:*:*:*:*:*", "matchCriteriaId": "9B251F23-AC12-4D8A-B071-96C32559D555", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34_03:*:*:*:*:*:*:*", "matchCriteriaId": "8427FF13-ACDF-4EA3-B041-8679C24DF168", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "057455DE-C224-4238-82F1-50E6D51EBFF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "B8EB93B5-AF57-49BC-88DB-25EB74C3B47E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.37:*:*:*:*:*:*:*", "matchCriteriaId": "7ABE1EFE-DE1E-4911-A59B-1CA18AB29A4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38:*:*:*:*:*:*:*", "matchCriteriaId": "E1EA67D3-F189-4F9B-AAA7-6E52CFC4A6E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38_01:*:*:*:*:*:*:*", "matchCriteriaId": "4D1A8851-EB4A-4975-9074-8E8C4FB4A9FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38_02:*:*:*:*:*:*:*", "matchCriteriaId": "67F00C99-56DB-42D0-881C-936C4493844C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39:*:*:*:*:*:*:*", "matchCriteriaId": "C3D66853-458F-4E5C-A776-75A127EBBF80", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39_01:*:*:*:*:*:*:*", "matchCriteriaId": "C9614850-6D38-4684-BC1C-26A17E1DC6B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39_02:*:*:*:*:*:*:*", "matchCriteriaId": "DD0D9A33-AD2D-40A5-A278-A3611AD07650", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.40:*:*:*:*:*:*:*", "matchCriteriaId": "E3FE09B3-246E-4D0E-892B-F293D5A89E93", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.40_01:*:*:*:*:*:*:*", "matchCriteriaId": "86A242D8-C384-4B4F-802D-2F2A47D37347", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.41:*:*:*:*:*:*:*", "matchCriteriaId": "C4E72969-C499-4A21-A249-CBE8B4A6AEE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42:*:*:*:*:*:*:*", "matchCriteriaId": "3637217F-DD9F-4B0B-8770-78C8368A1BA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42_01:*:*:*:*:*:*:*", "matchCriteriaId": "C206339B-FFAC-41BC-BF58-168582B98DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42_02:*:*:*:*:*:*:*", "matchCriteriaId": "DDEE87CB-CC27-4718-9ECA-496AD6FDD657", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.43:*:*:*:*:*:*:*", "matchCriteriaId": "F851BEDF-79E7-40C9-9096-7E2AB3E3AB4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44:*:*:*:*:*:*:*", "matchCriteriaId": "4F172DE4-0A0B-4888-AB2D-5F6158BC55CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44_01:*:*:*:*:*:*:*", "matchCriteriaId": "DACDC9C0-38BA-4B3F-9FC1-1C961EBF74F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44_02:*:*:*:*:*:*:*", "matchCriteriaId": "9AA63AAD-BA74-4417-ACBD-3F382227B643", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.45:*:*:*:*:*:*:*", "matchCriteriaId": "F9DAE58A-FED6-47E6-A43A-6971C7FFEEA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.45_01:*:*:*:*:*:*:*", "matchCriteriaId": "3C237741-9665-4678-B119-E229EC5445B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.46:*:*:*:*:*:*:*", "matchCriteriaId": "FCC6C3E1-1FCC-4364-BD70-DCDC5A5D6599", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.47:*:*:*:*:*:*:*", "matchCriteriaId": "7F7003DD-CEA4-4E53-86C9-E5E0F040056F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.47_01:*:*:*:*:*:*:*", "matchCriteriaId": "5F47455B-6516-4477-9123-CD1FA56E2F6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48:*:*:*:*:*:*:*", "matchCriteriaId": "AE8D9F69-0897-49D4-8AD0-B6DF3610E1AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_01:*:*:*:*:*:*:*", "matchCriteriaId": "53FB0CED-224E-4B13-8A97-1DFF1DBAB1DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_02:*:*:*:*:*:*:*", "matchCriteriaId": "31CE516C-4E9E-4F6C-8ED7-EF47D7E00F05", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_03:*:*:*:*:*:*:*", "matchCriteriaId": "32FA55F4-FCE0-4F4E-8E43-E000483BC6D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49:*:*:*:*:*:*:*", "matchCriteriaId": "E2776464-CCA5-40DF-B11B-D1D2FE39E08B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_01:*:*:*:*:*:*:*", "matchCriteriaId": "1D7F6BF8-F24C-476A-9736-F1B5337D190D", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_02:*:*:*:*:*:*:*", "matchCriteriaId": "1FB40C38-F0EF-4A63-93B8-9DF4E1E4516E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_03:*:*:*:*:*:*:*", "matchCriteriaId": "EC80294C-5546-4801-BFA3-C316EBF5140B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.50:*:*:*:*:*:*:*", "matchCriteriaId": "E5B162F4-E7BD-40B8-86AB-9862BD9DDEAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51:*:*:*:*:*:*:*", "matchCriteriaId": "ED8B1126-9489-477F-A032-0757778EEED1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51_01:*:*:*:*:*:*:*", "matchCriteriaId": "2E1A150A-01B7-4BC2-B771-CE70F6AD5FFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51_02:*:*:*:*:*:*:*", "matchCriteriaId": "12C0A474-00CA-4973-8AE6-1AC2C972E6A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.52:*:*:*:*:*:*:*", "matchCriteriaId": "AED1EED7-0F3D-497A-ADDE-99CD7749DCC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53:*:*:*:*:*:*:*", "matchCriteriaId": "90355ECD-5083-49D4-9D17-BBF76EF17160", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53_01:*:*:*:*:*:*:*", "matchCriteriaId": "C0E6042D-4C88-4C9E-9268-4C84092CD0BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53_02:*:*:*:*:*:*:*", "matchCriteriaId": "466B49C9-1C53-40FA-BEA4-9BC3B87B6687", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.54:*:*:*:*:*:*:*", "matchCriteriaId": "2C424C72-72CB-4866-893C-B671123A294D", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.55:*:*:*:*:*:*:*", "matchCriteriaId": "53A12927-4F5A-4203-BB82-8AD4439C309D", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.56:*:*:*:*:*:*:*", "matchCriteriaId": "DAB395FD-E16E-4C57-AD68-5B0224992277", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.57:*:*:*:*:*:*:*", "matchCriteriaId": "65F4CB9D-1F87-4A5E-A333-8DEFFE94488C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.58:*:*:*:*:*:*:*", "matchCriteriaId": "4A071802-7789-4A3C-8749-34973F304EB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.59:*:*:*:*:*:*:*", "matchCriteriaId": "A9CE8038-1F5B-4F58-8981-F3A9DEFFE3A1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin."}, {"lang": "es", "value": "Header.pm en Net::DNS anterior a 0.60, un m\u00f3dulo de Perl, (1) genera una secuencia predecible de IDs con un incremento fijo y (2) puede usar el mismo ID de inicio para todos los procesos hijos de un servidor de procesos (forking server), lo cual permite a atacantes remotos falsificar respuestas DNS, como fue reportado originalmente por qpsmtp y spamassassin."}], "id": "CVE-2007-3377", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-06-25T21:30:00.000", "references": [{"source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"}, {"source": "secalert@redhat.com", "url": "http://osvdb.org/37053"}, {"source": "secalert@redhat.com", "url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25829"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26012"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26014"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26055"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26075"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26211"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26231"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26417"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26508"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26543"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/29354"}, {"source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1515"}, {"source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"}, {"source": "secalert@redhat.com", "url": "http://www.net-dns.org/docs/Changes.html"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"}, {"source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/24669"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1018377"}, {"source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2007/0023/"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-483-1"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37053"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25829"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26012"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26014"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26075"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26211"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26231"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26417"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26508"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26543"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29354"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1515"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.net-dns.org/docs/Changes.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24669"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018377"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2007/0023/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-483-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2007:0674", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "perl-Net-DNS-0:0.31-4.el3", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2007-07-12T00:00:00Z"}, {"advisory": "RHSA-2007:0675", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "perl-Net-DNS-0:0.48-2.el4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2007-07-12T00:00:00Z"}, {"advisory": "RHSA-2007:0674", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "perl-Net-DNS-0:0.59-3.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-07-12T00:00:00Z"}], "bugzilla": {"description": "perl-Net-DNS security issue", "id": "245466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=245466"}, "csaw": false, "details": ["Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin."], "name": "CVE-2007-3377", "public_date": "2006-12-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-3377\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-3377"], "threat_severity": "Moderate"}

{}