Oval Definition:oval:com.redhat.rhsa:def:20070674
Revision Date:2008-03-20Version:636
Title:RHSA-2007:0674: perl-Net-DNS security update (Moderate)
Description:Net::DNS is a collection of Perl modules that act as a Domain Name System (DNS) resolver.

  • A flaw was found in the way Net::DNS generated the ID field in a DNS query. This predictable ID field could be used by a remote attacker to return invalid DNS data. (CVE-2007-3377)

  • A denial of service flaw was found in the way Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding. (CVE-2007-3409)

    Users of Net::DNS should upgrade to these updated packages, which contain backported patches to correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-3377
    CVE-2007-3409
    RHSA-2007:0674
    RHSA-2007:0674-01
    RHSA-2007:0674-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND perl-Net-DNS is earlier than 0:0.31-4.el3
  • AND perl-Net-DNS is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND perl-Net-DNS is earlier than 0:0.59-3.el5
  • AND perl-Net-DNS is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND perl-Net-DNS is earlier than 0:0.59-3.el5
  • AND perl-Net-DNS is signed with Red Hat redhatrelease2 key
    • BACK