3 results (0.010 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet. Apple Bonjour antes del 2011, permite un bloqueo por medio de un paquete DNS multicast diseñado. • https://opensource.apple.com/source/mDNSResponder/mDNSResponder-541/mDNSPosix/ReadMe.txt • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 1

mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for Windows before 1.0.5 allows attackers to cause a denial of service (NULL pointer dereference and application crash) by resolving a crafted .local domain name that contains a long label. mDNSResponder de Bonjour Namespace Provider en Apple Bonjour para Windows versiones anteriores a la 1.0.5, permite a atacantes provocar una denegación de servicio (puntero NULO sin referencia y caída de aplicación) resolviendo un nombre de dominio .local manipulado que contiene una etiqueta larga.ñ • https://www.exploit-db.com/exploits/32350 http://lists.apple.com/archives/security-announce//2008/Sep/msg00002.html http://secunia.com/advisories/31822 http://support.apple.com/kb/HT2990 http://www.securityfocus.com/bid/31091 http://www.securitytracker.com/id?1020845 http://www.vupen.com/english/advisories/2008/2524 https://exchange.xforce.ibmcloud.com/vulnerabilities/45005 • CWE-20: Improper Input Validation •

CVSS: 6.4EPSS: 2%CPEs: 6EXPL: 0

mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an application uses the Bonjour API for unicast DNS, does not choose random values for transaction IDs or source ports in DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. mDNSResponder en Apple Bonjour para Windows anterior a 1.0.5, cuando una aplicación usa la API Bonjour para DNS unicast, no escoge valores aleatorios para las transacciones IDs u origen de puertos en las peticiones DNS, lo que facilita a atacantes remotos falsear las respuestas DNS. Vulnerabilidad distinta de CVE-2008-1447. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00002.html http://secunia.com/advisories/31822 http://support.apple.com/kb/HT2990 http://www.securityfocus.com/bid/31093 http://www.securitytracker.com/id?1020844 http://www.vupen.com/english/advisories/2008/2524 •