Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6341 to the following vulnerability: Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response. References: http://www.securiteam.com/unixfocus/6I00E0UKKQ.html https://rt.cpan.org/Public/Bug/Display.html?id=30316
This issue has no security impact. The flaw will cause Net::DNS to "croak", which in turn should be handled by the calling application. In the case of RHEL, the only known application that uses this functionality is Spamassassin. Spamassassin handles this failure gracefully and continues to function, minus the DNS tests.
This and similar vulnerabilities fixed in Net::DNS version 0.63.
Net::DNS version 0.63 is in rawhide.