Upstream information
CVE-2008-5081 at MITRE
Description
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
CVSS v2 Scores
| National Vulnerability Database |
Base Score | 5 |
Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Access Vector | Network |
Access Complexity | Low |
Authentication | None |
Confidentiality Impact | None |
Integrity Impact | None |
Availability Impact | Partial |
SUSE Bugzilla entries:
459007 [RESOLVED / FIXED],
646961 [RESOLVED / DUPLICATE]
SUSE Security Advisories:
List of released packages
Product(s) | Fixed package version(s) | References |
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4 | avahi-compat-howl-devel >= 0.6.23-11.32.1
avahi-compat-mDNSResponder-devel >= 0.6.23-11.32.1
libavahi-devel >= 0.6.23-11.32.1
libhowl0 >= 0.6.23-11.32.1
python-avahi >= 0.6.23-11.32.1
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA avahi-compat-howl-devel-0.6.23-11.32.1 |
SUSE Linux Enterprise Micro 6.0 | avahi >= 0.8-4.6
libavahi-client3 >= 0.8-4.6
libavahi-common3 >= 0.8-4.6
libavahi-core7 >= 0.8-4.6
| Patchnames: SUSE Linux Enterprise Micro 6.0 GA avahi-0.8-4.6 |
SUSE Linux Enterprise Server 11 SP1 | avahi >= 0.6.23-11.19.22
avahi-lang >= 0.6.23-11.19.22
avahi-utils >= 0.6.23-11.19.22
libavahi-client3 >= 0.6.23-11.19.22
libavahi-client3-32bit >= 0.6.23-11.19.22
libavahi-client3-x86 >= 0.6.23-11.19.22
libavahi-common3 >= 0.6.23-11.19.22
libavahi-common3-32bit >= 0.6.23-11.19.22
libavahi-common3-x86 >= 0.6.23-11.19.22
libavahi-core5 >= 0.6.23-11.19.22
libdns_sd >= 0.6.23-11.19.22
libdns_sd-32bit >= 0.6.23-11.19.22
libdns_sd-x86 >= 0.6.23-11.19.22
| Patchnames: SUSE Linux Enterprise Server 11 SP1 GA avahi-0.6.23-11.19.22 |
SUSE Linux Enterprise Server 11 SP2 | avahi >= 0.6.23-11.19.22
avahi-lang >= 0.6.23-11.19.22
avahi-utils >= 0.6.23-11.19.22
libavahi-client3 >= 0.6.23-11.19.22
libavahi-client3-32bit >= 0.6.23-11.19.22
libavahi-client3-x86 >= 0.6.23-11.19.22
libavahi-common3 >= 0.6.23-11.19.22
libavahi-common3-32bit >= 0.6.23-11.19.22
libavahi-common3-x86 >= 0.6.23-11.19.22
libavahi-core5 >= 0.6.23-11.19.22
libdns_sd >= 0.6.23-11.19.22
libdns_sd-32bit >= 0.6.23-11.19.22
libdns_sd-x86 >= 0.6.23-11.19.22
| Patchnames: SUSE Linux Enterprise Server 11 SP2 GA avahi-0.6.23-11.19.22 |
SUSE Linux Enterprise Server 11 SP3 | avahi >= 0.6.23-11.30.4
avahi-lang >= 0.6.23-11.30.4
avahi-utils >= 0.6.23-11.30.4
libavahi-client3 >= 0.6.23-11.30.4
libavahi-client3-32bit >= 0.6.23-11.30.4
libavahi-client3-x86 >= 0.6.23-11.30.4
libavahi-common3 >= 0.6.23-11.30.4
libavahi-common3-32bit >= 0.6.23-11.30.4
libavahi-common3-x86 >= 0.6.23-11.30.4
libavahi-core5 >= 0.6.23-11.30.4
libdns_sd >= 0.6.23-11.30.4
libdns_sd-32bit >= 0.6.23-11.30.4
libdns_sd-x86 >= 0.6.23-11.30.4
| Patchnames: SUSE Linux Enterprise Server 11 SP3 GA avahi-0.6.23-11.30.4 |
SUSE Linux Enterprise Server 11 SP4 | avahi >= 0.6.23-11.32.1
avahi-compat-howl-devel >= 0.6.23-11.32.1
avahi-compat-mDNSResponder-devel >= 0.6.23-11.32.1
avahi-lang >= 0.6.23-11.32.1
avahi-utils >= 0.6.23-11.32.1
libavahi-client3 >= 0.6.23-11.32.1
libavahi-client3-32bit >= 0.6.23-11.32.1
libavahi-client3-x86 >= 0.6.23-11.32.1
libavahi-common3 >= 0.6.23-11.32.1
libavahi-common3-32bit >= 0.6.23-11.32.1
libavahi-common3-x86 >= 0.6.23-11.32.1
libavahi-core5 >= 0.6.23-11.32.1
libavahi-devel >= 0.6.23-11.32.1
libdns_sd >= 0.6.23-11.32.1
libdns_sd-32bit >= 0.6.23-11.32.1
libdns_sd-x86 >= 0.6.23-11.32.1
libhowl0 >= 0.6.23-11.32.1
python-avahi >= 0.6.23-11.32.1
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA avahi-0.6.23-11.32.1 SUSE Linux Enterprise Software Development Kit 11 SP4 GA avahi-compat-howl-devel-0.6.23-11.32.1 |
openSUSE Tumbleweed | avahi >= 0.8-7.2
avahi-autoipd >= 0.8-7.2
avahi-compat-howl-devel >= 0.8-7.2
avahi-compat-mDNSResponder-devel >= 0.8-7.2
avahi-lang >= 0.8-7.2
avahi-utils >= 0.8-7.2
libavahi-client3 >= 0.8-7.2
libavahi-client3-32bit >= 0.8-7.2
libavahi-common3 >= 0.8-7.2
libavahi-common3-32bit >= 0.8-7.2
libavahi-core7 >= 0.8-7.2
libavahi-devel >= 0.8-7.2
libavahi-libevent1 >= 0.8-7.2
libdns_sd >= 0.8-7.2
libdns_sd-32bit >= 0.8-7.2
libhowl0 >= 0.8-7.2
python36-avahi >= 0.8-7.2
python38-avahi >= 0.8-7.2
python39-avahi >= 0.8-7.2
| Patchnames: openSUSE-Tumbleweed-2024-10643 |
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 06:35:53 2013
CVE page last modified: Sat Jun 15 20:54:01 2024