This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Updated perl-Net-DNS packages that correct two security issues are now
available for Red Hat Enterprise Linux 3 and 5.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
Net::DNS is a collection of Perl modules that act as a Domain Name
System (DNS) resolver.
A flaw was found in the way Net::DNS generated the ID field in a DNS
query. This predictable ID field could be used by a remote attacker to
return invalid DNS data. (CVE-2007-3377)
A denial of service flaw was found in the way Net::DNS parsed certain
DNS requests. A malformed response to a DNS request could cause the
application using Net::DNS to crash or stop responding.
Users of Net::DNS should upgrade to these updated packages, which
contain backported patches to correct these issues.
See also :
Update the affected perl-Net-DNS package.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : false
Family: Red Hat Local Security Checks
Nessus Plugin ID: 25726 ()
Bugtraq ID: 24669
CVE ID: CVE-2007-3377CVE-2007-3409
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.