Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
http://www.ubuntu.com/usn/usn-483-1
http://www.mandriva.com/security/advisories?name=MDKSA-2007:146
http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml
http://www.debian.org/security/2008/dsa-1515
http://www.net-dns.org/docs/Changes.html
Source: Mitre, NVD
Published: 2007-06-26
Updated: 2025-04-09
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P
Severity: Medium
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: High
EPSS: 0.12389