CVE-2007-3409

Publication date 26 June 2007

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

7.5 · High

Score breakdown

Description

Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.

Status

Package Ubuntu Release Status
libnet-dns-perl 7.10 gutsy
Not affected
7.04 feisty
Fixed 0.59-1build1.1
6.10 edgy
Fixed 0.57-1ubuntu1
6.06 LTS dapper
Fixed 0.53-2ubuntu1

Severity score breakdown

CVSS version: CVSS v3.0

Base score 7.5 · High

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

    • USN-483-1
    • libnet-dns-perl vulnerabilities
    • 13 July 2007

Other references

Access our resources on patching vulnerabilities