2 matches found
CVE-2017-12130
An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns library version 2017-11-05. A specially crafted packet can make the library dereference a NULL pointer leading to a server crash and denial of service. An attacker needs to send a DNS query to trigger this vulnerabili...
CVE-2017-12130
CVE-2017-12130 is a NULL pointer dereference vulnerability in tinysvcmdns (v2017-11-05). A crafted MDNS DNS query can cause uncompress_nlabel to return NULL, which is later dereferenced in nlabel_to_str, leading to a server crash and denial of service. PoC uses a UDP DNS query to trigger the issu...