Lucene search
K

1854 matches found

seebug.org
seebug.org
added 2009/03/03 12:0 a.m.19 views

Avahi avahi-core/server.c多播DNS拒绝服务漏洞

BUGTRAQ ID: 33946 Avahi是用于简化在本地网络中发现服务的工具。 Avahi的avahi-core/server.c文件中的 originatesfromlocallegacyunicastsocket例程在检查入站的多播报文时没有考虑.sinport的网络字节序列,avahi-daemon反射器在反射旧式单播mDNS通讯时会导致出现大量报文。反射器将初始的多播查询转发到其他接口,然后在同一接口接收回来(IPMULTICASTLOOP),但没有将刚刚转发的查询识别为旧式单播报文,因此就处理为独立的查询,并转发给所有的其他接口。进程如此反复,直到拒绝服务。 Avahi...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/02/19 12:0 a.m.165 views

Scan for UPnP hosts (multicast)

This machine answered to a multicast UPnP NOTIFY packet by trying to fetch the XML description that Nessus advertised. TRUSTED...

5.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2009/01/12 2:9 p.m.30 views

Moderate: Red Hat Security Advisory: avahi security update

Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for...

5CVSS7.1AI score0.59223EPSS
Exploits7References2
RedHat Linux
RedHat Linux
added 2009/01/12 2:9 p.m.34 views

avahi: avahi-daemon DoS (application abort) via packet with source port 0

The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...

5CVSS7.4AI score0.59223EPSS
Exploits7References4
OpenVAS
OpenVAS
added 2008/12/31 12:0 a.m.24 views

Avahi Denial of Service Vulnerability

This host is installed with Avahi and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodavahidosvuln.nasl 4917 2017-01-02 14:43:20Z cfi $ Avahi Denial of Service Vulnerability Authors: Sujit Ghosal Copyright c 2008 SecPod, http://www.secpod.com This program is fre...

5CVSS0.1AI score0.59223EPSS
Exploits7References3
OpenVAS
OpenVAS
added 2008/12/31 12:0 a.m.27 views

Avahi Denial of Service Vulnerability

Avahi is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.5AI score0.59223EPSS
Exploits7References4
OpenVAS
OpenVAS
added 2008/12/29 12:0 a.m.53 views

Debian Security Advisory DSA 1690-1 (avahi)

The remote host is missing an update to avahi announced via advisory DSA 1690-1. OpenVAS Vulnerability Test $Id: deb16901.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1690-1 avahi Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

5CVSS0.59223EPSS
Exploits7
securityvulns
securityvulns
added 2008/12/23 12:0 a.m.56 views

[SECURITY] [DSA 1690-1] New avahi packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1690-1 [email protected] http://www.debian.org/security/ Florian Weimer December 22, 2008 http://www.debian.org/security/faq -...

5CVSS0.2AI score0.59223EPSS
Exploits7
Debian
Debian
added 2008/12/22 6:49 a.m.24 views

[SECURITY] [DSA 1690-1] New avahi packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1690-1 [email protected] http://www.debian.org/security/ Florian Weimer December 22, 2008 http://www.debian.org/security/faq -...

5CVSS6.5AI score0.59223EPSS
Exploits7
OSV
OSV
added 2008/12/22 12:0 a.m.29 views

DSA-1690-1 avahi - denial of service

Bulletin has no description...

5CVSS7.5AI score0.59223EPSS
Exploits7
OSV
OSV
added 2008/12/17 2:30 a.m.2 views

DEBIAN-CVE-2008-5081

The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...

5CVSS6.7AI score0.59223EPSS
Exploits7References1
OSV
OSV
added 2008/11/18 4:0 p.m.2 views

DEBIAN-CVE-2008-5141

flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar. temporary file...

6.9CVSS6.3AI score0.00307EPSS
Exploits0References1
securityvulns
securityvulns
added 2008/09/29 12:0 a.m.76 views

Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software Advisory ID: cisco-sa-20080924-multicast http://www.cisco.com/warp/public/707/cisco-sa-20080924-multicast.shtml Revision 1.0 For Public Release 2008 September 24 1600 UT...

7.8CVSS0.6AI score0.03406EPSS
Exploits1
securityvulns
securityvulns
added 2008/09/29 12:0 a.m.46 views

Cisco IOS, Cisco 10000, uBR10012, uBR7200 and Cisco UCM multiple security vulnerabilities

DoS with L2TP, MPLS, IPS, SIP, SSL vulnerabilities, information leaks, multiple multicast security vulnerabilities, NAT SCP, IOS Software firewall application inspection security vulnerabilities...

9.3CVSS1.7AI score0.03529EPSS
Exploits11References12Affected Software3
Prion
Prion
added 2008/09/26 4:21 p.m.15 views

Code injection

Cisco IOS 12.0 through 12.4 on Gigabit Switch Router GSR devices aka 12000 Series routers allows remote attackers to cause a denial of service device crash via a malformed Protocol Independent Multicast PIM packet...

7.1CVSS7.2AI score0.02757EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2008/09/26 4:0 p.m.32 views

CVE-2008-3808

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service device reload via a crafted Protocol Independent Multicast PIM packet...

6.4AI score0.03406EPSS
Exploits1References6
Cvelist
Cvelist
added 2008/09/26 4:0 p.m.29 views

CVE-2008-3809

Cisco IOS 12.0 through 12.4 on Gigabit Switch Router GSR devices aka 12000 Series routers allows remote attackers to cause a denial of service device crash via a malformed Protocol Independent Multicast PIM packet...

6.6AI score0.02757EPSS
Exploits1References7
Cisco
Cisco
added 2008/09/24 4:0 p.m.23 views

Multiple Multicast Vulnerabilities in Cisco IOS Software

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

6AI score
Exploits0References1
Prion
Prion
added 2008/09/11 1:10 a.m.19 views

Denial of service

The mldinput function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service divide-by-zero error and panic via a malformed ICMPv6 Multicast Listener Discovery MLD query with a certain Maximum Response Del...

7.1CVSS6.8AI score0.0243EPSS
Exploits2References9Affected Software1
seebug.org
seebug.org
added 2008/09/11 12:0 a.m.44 views

Apple Bonjour for Windows mDNSResponder伪造DNS应答漏洞

BUGTRAQ ID: 31093 CVE ID:CVE-2008-3630 CNCVE ID:CNCVE-20083630 Apple Bonjour for Windows是一款苹果为基于组播域名服务multicast DNS的开放性零设置网络标准所应用的程序。 Apple Bonjour for Windows mDNSResponder的DNS协议实现存在弱点,远程攻击者可以利用漏洞伪造DNS应答,导致网络重定向,可触发中间人等攻击。 Bonjour for Windows提供零配置网络,多播DNS和网络服务发现,也提供使用Bonjour...

6.4CVSS6.4AI score0.01591EPSS
Exploits1
Rows per page
Query Builder