5
CVE-2007-6341
- EPSS 9.55%
- Veröffentlicht 20.12.2007 23:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:52
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginNet/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.55% | 0.948 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/29354
http://www.debian.org/security/2008/dsa-1515
http://search.cpan.org/src/OLAF/Net-DNS-0.63/Changes
http://secunia.com/advisories/29343
http://secunia.com/advisories/29446
http://secunia.com/advisories/29555
http://www.mandriva.com/security/advisories?name=MDVSA-2008:073
http://www.securiteam.com/unixfocus/6I00E0UKKQ.html
http://www.securityfocus.com/bid/26902
http://www.securitytracker.com/id?1019104
https://rt.cpan.org/Public/Bug/Display.html?id=30316
https://usn.ubuntu.com/594-1/