CVE-2007-3377

Name of the Vulnerable Software and Affected Versions: Net::DNS versions prior to 0.60

Description: The issue concerns multiple vulnerabilities in the libnet-dns-perl package, which can lead to disruption of protected information availability. These vulnerabilities can be exploited remotely. Specifically, the Header.pm module in Net::DNS before version 0.60 generates predictable sequence IDs and can reuse the same starting ID for all child processes of a forking server. This allows remote attackers to spoof DNS responses.

Recommendations: For versions prior to 0.60, update to version 0.60 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable Header.pm module to minimize the risk of exploitation. Avoid using the predictable sequence IDs in the affected DNS responses until the issue is resolved.