ID de Prueba:	1.3.6.1.4.1.25623.1.0.58442
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:146 (perl-Net-DNS)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to perl-Net-DNS announced via advisory MDKSA-2007:146. A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data (CVE-2007-3377). A denial of service vulnerability was found in how Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding (CVE-2007-3409). The updated packages have been patched to prevent these issues. Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:146 Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3377 1018377 http://www.securitytracker.com/id?1018377 2007-0023 http://www.trustix.org/errata/2007/0023/ 20070701-01-P ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc 20070717 rPSA-2007-0142-1 perl-Net-DNS http://www.securityfocus.com/archive/1/473871/100/0/threaded 24669 http://www.securityfocus.com/bid/24669 25829 http://secunia.com/advisories/25829 26012 http://secunia.com/advisories/26012 26014 http://secunia.com/advisories/26014 26055 http://secunia.com/advisories/26055 26075 http://secunia.com/advisories/26075 26211 http://secunia.com/advisories/26211 26231 http://secunia.com/advisories/26231 26417 http://secunia.com/advisories/26417 26508 http://secunia.com/advisories/26508 26543 http://secunia.com/advisories/26543 29354 http://secunia.com/advisories/29354 37053 http://osvdb.org/37053 DSA-1515 http://www.debian.org/security/2008/dsa-1515 GLSA-200708-06 http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml MDKSA-2007:146 http://www.mandriva.com/security/advisories?name=MDKSA-2007:146 RHSA-2007:0674 http://www.redhat.com/support/errata/RHSA-2007-0674.html RHSA-2007:0675 http://www.redhat.com/support/errata/RHSA-2007-0675.html SUSE-SR:2007:017 http://www.novell.com/linux/security/advisories/2007_17_sr.html USN-483-1 http://www.ubuntu.com/usn/usn-483-1 http://rt.cpan.org/Public/Bug/Display.html?id=23961 http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm http://www.net-dns.org/docs/Changes.html http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458 netdns-dns-responses-spoofing(35112) https://exchange.xforce.ibmcloud.com/vulnerabilities/35112 oval:org.mitre.oval:def:9904 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904 Common Vulnerability Exposure (CVE) ID: CVE-2007-3409 1018376 http://www.securitytracker.com/id?1018376 37054 http://osvdb.org/37054 http://rt.cpan.org/Public/Bug/Display.html?id=27285 oval:org.mitre.oval:def:10595 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10595
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.