Back to search
CVE-2009-0758
Published: Mar 3, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20090302 CVE id request: avahi
mailing-list
x_refsource_MLIST
MDVSA-2009:076
vendor-advisory
x_refsource_MANDRIVA
DSA-2086
vendor-advisory
x_refsource_DEBIAN
SUSE-SR:2010:002
vendor-advisory
x_refsource_SUSE
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=517683
x_refsource_MISC
33946
vdb-entry
x_refsource_BID
38420
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now