CVSS: 5.0EPSS: 95%CPEs: 30EXPL: 1CVE-2008-5081 – Avahi < 0.6.24 - mDNS Daemon Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-5081
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure. La función originates_from_local_legacy_unicast_socket (avahi-core/server.c)en avahi-daemon en Avahi anterior a v0.6.24 permite a atacantes remotos producir una denegación de servicio (caída) a través de un paquete mDNS manipulado con un puerto de origen de 0, que dispara un fallo de evaluación. Avahi-daemon versions prior to 0.6.24 can be DoSd with an mDNS packet with a source port of 0. • https://www.exploit-db.com/exploits/7520 http://avahi.org/milestone/Avahi%200.6.24 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html http://secunia.com/advisories/33153 http://secunia.com/advisories/33220 http://secunia.com/advisories/33279 http://secunia.com/advisories/33475 http://security.gentoo.org/glsa/glsa-200901-11.xml http://www.debian.org/security/2008/dsa-1690 http://www.openwall.com/lists/oss-security/2008/12/14/1 http://www • CWE-399: Resource Management Errors •
CVSS: 2.1EPSS: 2%CPEs: 1EXPL: 0CVE-2007-3372
https://notcve.org/view.php?id=CVE-2007-3372
The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error. El demonio Avahi en Avahi versiones anteriores a 0.6.20 permite a atacantes provocar una denegación de servicio (salida) mediante datos TXT vacíos a través de D-Bus, que dispara un error de aserción. • http://avahi.org/changeset/1482 http://avahi.org/milestone/Avahi%200.6.20 http://osvdb.org/37507 http://secunia.com/advisories/25811 http://secunia.com/advisories/26083 http://secunia.com/advisories/26791 http://secunia.com/advisories/33220 http://secunia.com/advisories/33279 http://www.debian.org/security/2008/dsa-1690 http://www.mandriva.com/security/advisories?name=MDKSA-2007:185 http://www.novell.com/linux/security/advisories/2007_14_sr.html http://www.sec •