CVE Vulnerabilities

CVE-2008-5081

Published: Dec 17, 2008 | Modified: Sep 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
3.3 MODERATE
AV:A/AC:L/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu

The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.

Affected Software

Name Vendor Start Version End Version
Avahi Avahi 0.1 0.1
Avahi Avahi 0.2 0.2
Avahi Avahi 0.3 0.3
Avahi Avahi 0.4 0.4
Avahi Avahi 0.5 0.5
Avahi Avahi 0.5.1 0.5.1
Avahi Avahi 0.5.2 0.5.2
Avahi Avahi 0.6.1 0.6.1
Avahi Avahi 0.6.2 0.6.2
Avahi Avahi 0.6.3 0.6.3
Avahi Avahi 0.6.4 0.6.4
Avahi Avahi 0.6.5 0.6.5
Avahi Avahi 0.6.6 0.6.6
Avahi Avahi 0.6.7 0.6.7
Avahi Avahi 0.6.8 0.6.8
Avahi Avahi 0.6.9 0.6.9
Avahi Avahi 0.6.10 0.6.10
Avahi Avahi 0.6.11 0.6.11
Avahi Avahi 0.6.12 0.6.12
Avahi Avahi 0.6.13 0.6.13
Avahi Avahi 0.6.14 0.6.14
Avahi Avahi 0.6.15 0.6.15
Avahi Avahi 0.6.16 0.6.16
Avahi Avahi 0.6.17 0.6.17
Avahi Avahi 0.6.18 0.6.18
Avahi Avahi 0.6.19 0.6.19
Avahi Avahi 0.6.20 0.6.20
Avahi Avahi 0.6.21 0.6.21
Avahi Avahi 0.6.22 0.6.22
Avahi Avahi * 0.6.23
Red Hat Enterprise Linux 5 RedHat avahi-0:0.6.16-1.el5_2.1 *
Avahi Ubuntu dapper *
Avahi Ubuntu devel *
Avahi Ubuntu gutsy *
Avahi Ubuntu hardy *
Avahi Ubuntu intrepid *
Avahi Ubuntu upstream *

References