Menu
▾
▴
[AMaViS-user] Net::DNS .060 allows remote attackers to cause DOS
|
From: Michael S. <sch...@se...> - 2008-03-27 15:15:40
|
From: http://search.cpan.org/src/OLAF/Net-DNS-0.63/Changes Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver. Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6341). Packet parsing routines are now enclosed in eval blocks to trap exception and avoid premature termination of user program. Fix: Update to 0.63. Note: to Freebsd Ports SpamAssassin users: A minor update to SA will include dependency on 0.63. pt-Net-DNS was updated on ports tree 10 days ago: http://www.freebsd.org/cgi/query-pr.cgi?pr=120702 An official update to SA ports version 3.4.2_3 will be send to ports shortly. -- Michael Scheidell, CTO Main: 561-999-5000, Office: 561-939-7259 > *| *SECNAP Network Security Corporation Winner 2008 Technosium hot company award. www.technosium.com/hotcompanies/ <http://www.technosium.com/hotcompanies/> _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(tm). For Information please see http://www.spammertrap.com _________________________________________________________________________ |