CVE-2008-5081

Published: Dec 17, 2008Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.

Affected (30)

Products: Avahi: Avahi

1 product

Configuration A

30 vulnerable

Vulnerable Software	Affected Versions
Avahi Avahi	Up to 0.6.23
Avahi Avahi	Version 0.1
Avahi Avahi	Version 0.2
Avahi Avahi	Version 0.3
Avahi Avahi	Version 0.4
Avahi Avahi	Version 0.5.1
Avahi Avahi	Version 0.5.2
Avahi Avahi	Version 0.5
Avahi Avahi	Version 0.6.10
Avahi Avahi	Version 0.6.11
Avahi Avahi	Version 0.6.12
Avahi Avahi	Version 0.6.13
Avahi Avahi	Version 0.6.14
Avahi Avahi	Version 0.6.15
Avahi Avahi	Version 0.6.16
Avahi Avahi	Version 0.6.17
Avahi Avahi	Version 0.6.18
Avahi Avahi	Version 0.6.19
Avahi Avahi	Version 0.6.1
Avahi Avahi	Version 0.6.20
Avahi Avahi	Version 0.6.21
Avahi Avahi	Version 0.6.22
Avahi Avahi	Version 0.6.2
Avahi Avahi	Version 0.6.3
Avahi Avahi	Version 0.6.4
Avahi Avahi	Version 0.6.5
Avahi Avahi	Version 0.6.6
Avahi Avahi	Version 0.6.7
Avahi Avahi	Version 0.6.8
Avahi Avahi	Version 0.6.9

Related CWEs

References (26)

http://avahi.org/milestone/Avahi%200.6.24

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html

Source: secalert@redhat.com

http://secunia.com/advisories/33153

Source: secalert@redhat.com

http://secunia.com/advisories/33220

Source: secalert@redhat.com

http://secunia.com/advisories/33279

Source: secalert@redhat.com

http://secunia.com/advisories/33475

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-200901-11.xml

Source: secalert@redhat.com

http://www.debian.org/security/2008/dsa-1690

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2008/12/14/1

Source: secalert@redhat.com

http://www.securityfocus.com/bid/32825

Source: secalert@redhat.com

http://www.ubuntu.com/usn/usn-696-1

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9987

Source: secalert@redhat.com

https://www.exploit-db.com/exploits/7520

Source: secalert@redhat.com

http://avahi.org/milestone/Avahi%200.6.24

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/33153

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/33220

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/33279

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/33475

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200901-11.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2008/dsa-1690

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2008/12/14/1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/32825

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/usn-696-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9987

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/7520

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.