Vulnerability in Net::DNS 0.60
Denis Beauchemin
Denis.Beauchemin at USherbrooke.ca
Fri Jan 4 19:02:29 GMT 2008
Hello all,
I just read the following:
07.52.14 CVE: CVE-2007-6341
Platform: Linux
Title: Perl Net::DNS DNS Response Remote Denial of Service
Description: The Perl Net::DNS module allows scripts written in Perl
to perform DNS queries. The application is exposed to a remote denial
of service issue due to a failure of the module to properly handle
malformed DNS responses. DNS version 0.60 is affected.
Ref: https://rt.cpan.org/Public/Bug/Display.html?id=30316
Julian, your easy Clam+SA install package contains Net::DNS 0.60. The
current version is 0.62.
Denis
--
Denis Beauchemin, analyste
Université de Sherbrooke, S.T.I.
T: 819.821.8000x62252 F: 819.821.8045
More information about the MailScanner
mailing list