CVE-2007-6341

Net::DNS 0.60 build 654 - Denial of Service via Crafted DNS Response

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6341. PoCs published by beSTORM.

AI-analyzed exploit summary This exploit is a Perl script that creates a UDP server to send a malformed DNS response, triggering a denial-of-service vulnerability in the Net::DNS module. The script listens on port 5351 and responds with a crafted DNS packet that causes applications using the affected module to crash.

Description

Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response.

Exploits (1)

exploitdb WORKING POC VERIFIED

by beSTORM · perldoslinux

https://www.exploit-db.com/exploits/30895

View Code ZIP pw:eip

This exploit is a Perl script that creates a UDP server to send a malformed DNS response, triggering a denial-of-service vulnerability in the Net::DNS module. The script listens on port 5351 and responds with a crafted DNS packet that causes applications using the affected module to crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Net::DNS 0.60

No auth needed

Prerequisites: Network access to the target system · Target application using Net::DNS module

MITRE ATT&CK