Ubuntu Security Notice (C) 2007-2013 Canonical, Inc. / NASL script (C) 2007-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Peter Johannes Holzer discovered that the Net::DNS Perl module had
predictable sequence numbers. This could allow remote attackers to
carry out DNS spoofing, leading to possible man-in-the-middle attacks.
Steffen Ullrich discovered that the Net::DNS Perl module did not
correctly detect recursive compressed responses. A remote attacker
could send a specially crafted packet, causing applications using
Net::DNS to crash or monopolize CPU resources, leading to a denial of
Update the affected libnet-dns-perl package.
Risk factor :
Medium / CVSS Base Score : 4.3