1854 matches found
Avahi avahi-core/server.c多播DNS拒绝服务漏洞
BUGTRAQ ID: 33946 Avahi是用于简化在本地网络中发现服务的工具。 Avahi的avahi-core/server.c文件中的 originatesfromlocallegacyunicastsocket例程在检查入站的多播报文时没有考虑.sinport的网络字节序列,avahi-daemon反射器在反射旧式单播mDNS通讯时会导致出现大量报文。反射器将初始的多播查询转发到其他接口,然后在同一接口接收回来(IPMULTICASTLOOP),但没有将刚刚转发的查询识别为旧式单播报文,因此就处理为独立的查询,并转发给所有的其他接口。进程如此反复,直到拒绝服务。 Avahi...
Scan for UPnP hosts (multicast)
This machine answered to a multicast UPnP NOTIFY packet by trying to fetch the XML description that Nessus advertised. TRUSTED...
Moderate: Red Hat Security Advisory: avahi security update
Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for...
avahi: avahi-daemon DoS (application abort) via packet with source port 0
The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...
Avahi Denial of Service Vulnerability
This host is installed with Avahi and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodavahidosvuln.nasl 4917 2017-01-02 14:43:20Z cfi $ Avahi Denial of Service Vulnerability Authors: Sujit Ghosal Copyright c 2008 SecPod, http://www.secpod.com This program is fre...
Avahi Denial of Service Vulnerability
Avahi is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1690-1 (avahi)
The remote host is missing an update to avahi announced via advisory DSA 1690-1. OpenVAS Vulnerability Test $Id: deb16901.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1690-1 avahi Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1690-1 [email protected] http://www.debian.org/security/ Florian Weimer December 22, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1690-1 [email protected] http://www.debian.org/security/ Florian Weimer December 22, 2008 http://www.debian.org/security/faq -...
DSA-1690-1 avahi - denial of service
Bulletin has no description...
DEBIAN-CVE-2008-5081
The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...
DEBIAN-CVE-2008-5141
flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar. temporary file...
Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software Advisory ID: cisco-sa-20080924-multicast http://www.cisco.com/warp/public/707/cisco-sa-20080924-multicast.shtml Revision 1.0 For Public Release 2008 September 24 1600 UT...
Cisco IOS, Cisco 10000, uBR10012, uBR7200 and Cisco UCM multiple security vulnerabilities
DoS with L2TP, MPLS, IPS, SIP, SSL vulnerabilities, information leaks, multiple multicast security vulnerabilities, NAT SCP, IOS Software firewall application inspection security vulnerabilities...
Code injection
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router GSR devices aka 12000 Series routers allows remote attackers to cause a denial of service device crash via a malformed Protocol Independent Multicast PIM packet...
CVE-2008-3808
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service device reload via a crafted Protocol Independent Multicast PIM packet...
CVE-2008-3809
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router GSR devices aka 12000 Series routers allows remote attackers to cause a denial of service device crash via a malformed Protocol Independent Multicast PIM packet...
Multiple Multicast Vulnerabilities in Cisco IOS Software
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Denial of service
The mldinput function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service divide-by-zero error and panic via a malformed ICMPv6 Multicast Listener Discovery MLD query with a certain Maximum Response Del...
Apple Bonjour for Windows mDNSResponder伪造DNS应答漏洞
BUGTRAQ ID: 31093 CVE ID:CVE-2008-3630 CNCVE ID:CNCVE-20083630 Apple Bonjour for Windows是一款苹果为基于组播域名服务multicast DNS的开放性零设置网络标准所应用的程序。 Apple Bonjour for Windows mDNSResponder的DNS协议实现存在弱点,远程攻击者可以利用漏洞伪造DNS应答,导致网络重定向,可触发中间人等攻击。 Bonjour for Windows提供零配置网络,多播DNS和网络服务发现,也提供使用Bonjour...