Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201201-05
HistoryJan 22, 2012 - 12:00 a.m.

mDNSResponder: Multiple vulnerabilities

2012-01-2200:00:00
Gentoo Foundation
security.gentoo.org
33

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.418 Medium

EPSS

Percentile

97.3%

JSON

Background

mDNSResponder is a component of Apple’s Bonjour, an initiative for zero-configuration networking.

Description

Multiple vulnerabilities have been discovered in mDNSResponder. Please review the CVE identifiers referenced below for details.

Impact

A local or remote attacker may be able to execute arbitrary code with root privileges or cause a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All mDNSResponder users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-misc/mDNSResponder-212.1"

NOTE: This is a legacy GLSA. Updates for all affected architectures are available since November 21, 2009. It is likely that your system is already no longer affected by this issue.

OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-misc/mdnsresponder< 212.1UNKNOWN

Related

nessus 5
openvas 2
prion 6
cve 6
cert 1
kaspersky 1
seebug 4
canvas 1
securityvulns 2
nessus
nessus
GLSA-201201-05 : mDNSResponder: Multiple vulnerabilities
2012-01-23 00:00:00
Bonjour < 1.0.5 Multiple Vulnerabilities (APPLE-SA-2009-09-09)
2008-09-18 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2007-005)
2007-05-25 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201201-05 (mDNSResponder)
2012-02-12 00:00:00
Gentoo Security Advisory GLSA 201201-05 (mDNSResponder)
2012-02-12 00:00:00
prion
prion
Sql injection
2007-07-17 21:30:00
Buffer overflow
2007-05-24 22:30:00
Null pointer dereference
2008-09-11 01:10:00
cve
cve
CVE-2007-3828
2007-07-17 21:30:00
CVE-2007-2386
2007-05-24 22:30:00
CVE-2008-2326
2008-09-11 01:10:00
cert
cert
Apple Mac OS X mDNSResponder buffer overflow vulnerability
2007-05-25 00:00:00
kaspersky
kaspersky
KLA10074 Multiple vulnerabilities in Apple Bonjour
2008-09-10 00:00:00
seebug
seebug
Apple Bonjour for Windows mDNSResponder伪造DNS应答漏洞
2008-09-11 00:00:00
Apple Bonjour for Windows mDNSResponder NULL指针引用拒绝服务漏洞
2008-09-11 00:00:00
Apple Mac OS X 2008-002更新修复多个安全漏洞
2008-03-20 00:00:00
canvas
canvas
Immunity Canvas: MU
2007-08-03 10:17:00
securityvulns
securityvulns
Apple Mac OS X Bonjour mDNSResponder buffer overflow
2007-08-08 00:00:00
iDefense Security Advisory 08.07.07: Apple Mac OS X mDNSResponder HTTP Request Heap Overflow Vulnerability
2007-08-08 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.418 Medium

EPSS

Percentile

97.3%

JSON
Related for GLSA-201201-05
nessus5openvas2prion6cve6cert1kaspersky1seebug4canvas1securityvulns2