ID de Prueba:	1.3.6.1.4.1.25623.1.0.58928
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0674
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0674. Net::DNS is a collection of Perl modules that act as a Domain Name System (DNS) resolver. A flaw was found in the way Net::DNS generated the ID field in a DNS query. This predictable ID field could be used by a remote attacker to return invalid DNS data. (CVE-2007-3377) A denial of service flaw was found in the way Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding. (CVE-2007-3409) Users of Net::DNS should upgrade to these updated packages, which contain backported patches to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0674.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3377 1018377 http://www.securitytracker.com/id?1018377 2007-0023 http://www.trustix.org/errata/2007/0023/ 20070701-01-P ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc 20070717 rPSA-2007-0142-1 perl-Net-DNS http://www.securityfocus.com/archive/1/473871/100/0/threaded 24669 http://www.securityfocus.com/bid/24669 25829 http://secunia.com/advisories/25829 26012 http://secunia.com/advisories/26012 26014 http://secunia.com/advisories/26014 26055 http://secunia.com/advisories/26055 26075 http://secunia.com/advisories/26075 26211 http://secunia.com/advisories/26211 26231 http://secunia.com/advisories/26231 26417 http://secunia.com/advisories/26417 26508 http://secunia.com/advisories/26508 26543 http://secunia.com/advisories/26543 29354 http://secunia.com/advisories/29354 37053 http://osvdb.org/37053 DSA-1515 http://www.debian.org/security/2008/dsa-1515 GLSA-200708-06 http://www.gentoo.org/security/en/glsa/glsa-200708-06.xml MDKSA-2007:146 http://www.mandriva.com/security/advisories?name=MDKSA-2007:146 RHSA-2007:0674 http://www.redhat.com/support/errata/RHSA-2007-0674.html RHSA-2007:0675 http://www.redhat.com/support/errata/RHSA-2007-0675.html SUSE-SR:2007:017 http://www.novell.com/linux/security/advisories/2007_17_sr.html USN-483-1 http://www.ubuntu.com/usn/usn-483-1 http://rt.cpan.org/Public/Bug/Display.html?id=23961 http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm http://www.net-dns.org/docs/Changes.html http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4810.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245458 netdns-dns-responses-spoofing(35112) https://exchange.xforce.ibmcloud.com/vulnerabilities/35112 oval:org.mitre.oval:def:9904 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9904 Common Vulnerability Exposure (CVE) ID: CVE-2007-3409 1018376 http://www.securitytracker.com/id?1018376 37054 http://osvdb.org/37054 http://rt.cpan.org/Public/Bug/Display.html?id=27285 oval:org.mitre.oval:def:10595 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10595
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.