Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5081

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5081
Last Modified 21 Aug 2010 01:25:43
Published 16 Dec 2008 09:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5081

Summary

The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.

Vulnerable Systems

Application

  • Avahi 0.1

  • Avahi 0.2

  • Avahi 0.3

  • Avahi 0.4

  • Avahi 0.5

  • Avahi 0.5.1

  • Avahi 0.5.2

  • Avahi 0.6.1

  • Avahi 0.6.10

  • Avahi 0.6.11

  • Avahi 0.6.12

  • Avahi 0.6.13

  • Avahi 0.6.14

  • Avahi 0.6.15

  • Avahi 0.6.16

  • Avahi 0.6.17

  • Avahi 0.6.18

  • Avahi 0.6.19

  • Avahi 0.6.2

  • Avahi 0.6.20

  • Avahi 0.6.21

  • Avahi 0.6.22

  • Avahi 0.6.23

  • Avahi 0.6.3

  • Avahi 0.6.4

  • Avahi 0.6.5

  • Avahi 0.6.6

  • Avahi 0.6.7

  • Avahi 0.6.8

  • Avahi 0.6.9


References

UBUNTU - USN-696-1

BID - 32825

MLIST - [oss-security] 20081214 Avahi daemon DoS (CVE-2008-5081)

MILW0RM - 7520

DEBIAN - DSA-1690

GENTOO - GLSA-200901-11

SECUNIA - 33475

SECUNIA - 33279

SECUNIA - 33220

SECUNIA - 33153

SUSE - SUSE-SR:2009:003

CONFIRM - http://avahi.org/milestone/Avahi%200.6.24


Last Updated: 27 May 2016 10:48:42