CVE-2007-3377

{"id": "CVE-2007-3377", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-06-25T21:30:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc", "source": "secalert@redhat.com"}, {"url": "http://osvdb.org/37053", "source": "secalert@redhat.com"}, {"url": "http://rt.cpan.org/Public/Bug/Display.html?id=23961", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/25829", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26012", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26014", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26055", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26075", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26211", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26231", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26417", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26508", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/26543", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/29354", "source": "secalert@redhat.com"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2008/dsa-1515", "source": "secalert@redhat.com"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:146", "source": "secalert@redhat.com"}, {"url": "http://www.net-dns.org/docs/Changes.html", "source": "secalert@redhat.com"}, {"url": "http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0674.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0675.html", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/473871/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/24669", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1018377", "source": "secalert@redhat.com"}, {"url": "http://www.trustix.org/errata/2007/0023/", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-483-1", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35112", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin."}, {"lang": "es", "value": "Header.pm en Net::DNS anterior a 0.60, un m\u00f3dulo de Perl, (1) genera una secuencia predecible de IDs con un incremento fijo y (2) puede usar el mismo ID de inicio para todos los procesos hijos de un servidor de procesos (forking server), lo cual permite a atacantes remotos falsificar respuestas DNS, como fue reportado originalmente por qpsmtp y spamassassin."}], "lastModified": "2018-10-16T16:48:33.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A3F8288-E80E-4416-A35E-2FC674770306"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A27CF043-1321-496B-9108-EE25D02A7F3C"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FE8788B-BCCB-41AE-912E-30967CB013C6"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2642749C-5775-463C-99BF-65BFA43511D8"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93158931-1188-4A3A-9618-807FEE6CF931"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "596F8900-AD45-4E67-AAF3-C7FBEE652014"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFC4ECEB-AF4B-4FD3-84EC-332DCF25DE2F"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80AD4AD7-0C7C-46D9-BECA-1D976DC8E222"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13A99BD4-93A5-4612-A03F-BC1B96562870"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBB6C8C7-47BB-469C-9782-85D760EAB7F1"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99E29E16-B8D4-451B-9220-0F645BE73AF6"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AD3E5C6-D78F-49F7-AB3C-1A75EA2D7955"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9619E0C-CCB2-4E8D-BF5B-23349F8EDFB3"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1B76D7C-B71B-4842-99AE-250CD4742113"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB1B4E8B-A685-4125-AE82-889ECFB11292"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AA42E24-8E8C-47BF-981D-0DDEACB7C85A"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B251F23-AC12-4D8A-B071-96C32559D555"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.34_03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8427FF13-ACDF-4EA3-B041-8679C24DF168"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "057455DE-C224-4238-82F1-50E6D51EBFF7"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8EB93B5-AF57-49BC-88DB-25EB74C3B47E"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ABE1EFE-DE1E-4911-A59B-1CA18AB29A4F"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1EA67D3-F189-4F9B-AAA7-6E52CFC4A6E9"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D1A8851-EB4A-4975-9074-8E8C4FB4A9FE"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.38_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67F00C99-56DB-42D0-881C-936C4493844C"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3D66853-458F-4E5C-A776-75A127EBBF80"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9614850-6D38-4684-BC1C-26A17E1DC6B5"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.39_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD0D9A33-AD2D-40A5-A278-A3611AD07650"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3FE09B3-246E-4D0E-892B-F293D5A89E93"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.40_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86A242D8-C384-4B4F-802D-2F2A47D37347"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4E72969-C499-4A21-A249-CBE8B4A6AEE9"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3637217F-DD9F-4B0B-8770-78C8368A1BA4"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C206339B-FFAC-41BC-BF58-168582B98DED"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.42_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDEE87CB-CC27-4718-9ECA-496AD6FDD657"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F851BEDF-79E7-40C9-9096-7E2AB3E3AB4B"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F172DE4-0A0B-4888-AB2D-5F6158BC55CD"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DACDC9C0-38BA-4B3F-9FC1-1C961EBF74F6"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.44_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AA63AAD-BA74-4417-ACBD-3F382227B643"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9DAE58A-FED6-47E6-A43A-6971C7FFEEA5"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.45_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C237741-9665-4678-B119-E229EC5445B8"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCC6C3E1-1FCC-4364-BD70-DCDC5A5D6599"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F7003DD-CEA4-4E53-86C9-E5E0F040056F"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.47_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F47455B-6516-4477-9123-CD1FA56E2F6A"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE8D9F69-0897-49D4-8AD0-B6DF3610E1AE"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53FB0CED-224E-4B13-8A97-1DFF1DBAB1DA"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31CE516C-4E9E-4F6C-8ED7-EF47D7E00F05"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.48_03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32FA55F4-FCE0-4F4E-8E43-E000483BC6D8"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2776464-CCA5-40DF-B11B-D1D2FE39E08B"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D7F6BF8-F24C-476A-9736-F1B5337D190D"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FB40C38-F0EF-4A63-93B8-9DF4E1E4516E"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.49_03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC80294C-5546-4801-BFA3-C316EBF5140B"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5B162F4-E7BD-40B8-86AB-9862BD9DDEAC"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED8B1126-9489-477F-A032-0757778EEED1"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E1A150A-01B7-4BC2-B771-CE70F6AD5FFF"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.51_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12C0A474-00CA-4973-8AE6-1AC2C972E6A1"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.52:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AED1EED7-0F3D-497A-ADDE-99CD7749DCC6"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90355ECD-5083-49D4-9D17-BBF76EF17160"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E6042D-4C88-4C9E-9268-4C84092CD0BF"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.53_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "466B49C9-1C53-40FA-BEA4-9BC3B87B6687"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.54:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C424C72-72CB-4866-893C-B671123A294D"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.55:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53A12927-4F5A-4203-BB82-8AD4439C309D"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.56:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAB395FD-E16E-4C57-AD68-5B0224992277"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.57:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65F4CB9D-1F87-4A5E-A333-8DEFFE94488C"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A071802-7789-4A3C-8749-34973F304EB2"}, {"criteria": "cpe:2.3:a:nlnet_labs:net_dns:0.59:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9CE8038-1F5B-4F58-8981-F3A9DEFFE3A1"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}