Vulnerability Name:

CVE-2007-3377 (CCN-35112)

Assigned:2006-12-22
Published:2006-12-22
Updated:2018-10-16
Summary:Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin.
CVSS v3 Severity:6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: SGI
Type: UNKNOWN
20070701-01-P

Source: MITRE
Type: CNA
CVE-2007-3377

Source: OSVDB
Type: UNKNOWN
37053

Source: CCN
Type: RHSA-2007-0674
Moderate: perl-Net-DNS security update

Source: CCN
Type: RHSA-2007-0675
Moderate: perl-Net-DNS security update

Source: CONFIRM
Type: UNKNOWN
http://rt.cpan.org/Public/Bug/Display.html?id=23961

Source: CCN
Type: SA25829
Perl Net::DNS Module Two Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
25829

Source: SECUNIA
Type: UNKNOWN
26012

Source: SECUNIA
Type: UNKNOWN
26014

Source: SECUNIA
Type: UNKNOWN
26055

Source: SECUNIA
Type: UNKNOWN
26075

Source: SECUNIA
Type: UNKNOWN
26211

Source: SECUNIA
Type: UNKNOWN
26231

Source: SECUNIA
Type: UNKNOWN
26417

Source: CCN
Type: SA26508
Avaya Products Perl Net::DNS and Apache Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
26508

Source: SECUNIA
Type: UNKNOWN
26543

Source: SECUNIA
Type: UNKNOWN
29354

Source: CCN
Type: SECTRACK ID: 1018377
Perl Net::DNS Predictable Sequence IDs Let Remote Users Spoof DNS Responses

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm

Source: CCN
Type: ASA-2007-351
perl-Net-DNS security update (RHSA-2007-0675)

Source: CCN
Type: ASA-2007-361
perl-Net-DNS security update (RHSA-2007-0674)

Source: DEBIAN
Type: UNKNOWN
DSA-1515

Source: DEBIAN
Type: DSA-1515
libnet-dns-perl -- several vulnerabilities

Source: CCN
Type: GLSA-200708-06
Net::DNS: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200708-06

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:146

Source: CCN
Type: Net::DNS Web site
Net::DNS

Source: CCN
Type: Net::DNS Changelog
Revision history for Net::DNS

Source: CONFIRM
Type: UNKNOWN
http://www.net-dns.org/docs/Changes.html

Source: MISC
Type: Exploit
http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:017

Source: CCN
Type: OSVDB ID: 37053
Perl Net::DNS Header.pm Sequence ID Generation Weakness

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0674

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0675

Source: BUGTRAQ
Type: UNKNOWN
20070717 rPSA-2007-0142-1 perl-Net-DNS

Source: BID
Type: UNKNOWN
24669

Source: CCN
Type: BID-24669
Perl Net::DNS Remote Multiple Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1018377

Source: TRUSTIX
Type: UNKNOWN
2007-0023

Source: CCN
Type: USN-483-1
libnet-dns-perl vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-483-1

Source: CONFIRM
Type: Patch
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458

Source: XF
Type: UNKNOWN
netdns-dns-responses-spoofing(35112)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9904

Source: SUSE
Type: SUSE-SR:2007:017
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:nlnet_labs:net_dns:0.14:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.20:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.21:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.22:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.23:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.24:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.25:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.26:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.27:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.28:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.29:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.30:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.31:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.32:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.33:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.34:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.34_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.34_03:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.35:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.36:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.37:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.38:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.38_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.38_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.39:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.39_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.39_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.40:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.40_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.41:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.42:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.42_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.42_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.43:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.44:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.44_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.44_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.45:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.45_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.46:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.47:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.47_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.48:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.48_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.48_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.48_03:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.49:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.49_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.49_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.49_03:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.50:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.51:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.51_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.51_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.52:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.53:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.53_01:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.53_02:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.54:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.55:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.56:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.57:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.58:*:*:*:*:*:*:*
  • OR cpe:/a:nlnet_labs:net_dns:0.59:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20073377 | V | CVE-2007-3377 | 2015-11-16
oval:org.mitre.oval:def:20002 | P | DSA-1515-1 libnet-dns-perl - several vulnerabilities | 2014-06-23
oval:org.mitre.oval:def:8232 | P | DSA-1515 libnet-dns-perl -- several vulnerabilities | 2014-06-23
oval:org.mitre.oval:def:22552 | P | ELSA-2007:0674: perl-Net-DNS security update (Moderate) | 2014-05-26
oval:org.mitre.oval:def:9904 | V | Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin. | 2013-04-29
oval:com.redhat.rhsa:def:20070674 | P | RHSA-2007:0674: perl-Net-DNS security update (Moderate) | 2008-03-20
oval:org.debian:def:1515 | V | several vulnerabilities | 2008-03-11
oval:com.redhat.rhsa:def:20070675 | P | RHSA-2007:0675: perl-Net-DNS security update (Moderate) | 2007-07-12