17 matches found
EUVD-2018-15797
Malware in sbrugna...
CVE-2018-4002
An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack,...
CVE-2018-4002
The CVE-2018-4002 issue affects CUJO Smart Firewall (firmware 7003) mdnscap, where mdnscap’s mDNS label parsing mishandles compression pointers, creating an uncontrolled recursion that exhausts the call stack and crashes the mdnscap process. An unauthenticated remote attacker can send specially c...
CVE-2018-4002
An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack,...
PT-2019-10742 · Cujo · Cujo Smart Firewall
Name of the Vulnerable Software and Affected Versions: CUJO Smart Firewall version 7003 Description: A denial-of-service issue exists due to unsafe handling of label compression pointers in mDNS packets by the mdnscap binary, leading to uncontrolled recursion and eventual stack exhaustion, causin...
CVE-2018-3985
An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall. When parsing mDNS packets, a memory space is freed twice if an invalid query name is encountered, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated attacke...
CVE-2018-4003
An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. The string lengths are handled incorrectly when parsing character strings in mDNS resource records, leading to arbitrary code execution in the context of the mdnscap process. ...
CVE-2018-4011
An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An unauthenticated...
Integer overflow
An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An unauthenticated...
Heap overflow
An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. The string lengths are handled incorrectly when parsing character strings in mDNS resource records, leading to arbitrary code execution in the context of the mdnscap process. ...
Double free
An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall. When parsing mDNS packets, a memory space is freed twice if an invalid query name is encountered, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated attacke...
PT-2019-10750 · Cujo · Cujo Smart Firewall
Name of the Vulnerable Software and Affected Versions: CUJO Smart Firewall version 7003 Description: The issue is related to an integer underflow vulnerability in the mdnscap binary. It occurs when parsing SRV records in an mDNS packet, where the RDLENGTH value is handled incorrectly. This leads ...
PT-2019-10743 · Cujo · Cujo Smart Firewall
Name of the Vulnerable Software and Affected Versions: CUJO Smart Firewall version 7003 Description: A heap overflow issue exists due to incorrect handling of string lengths when parsing character strings in mDNS resource records. This can lead to arbitrary code execution in the context of the...
CUJO Smart Firewall Denial of Service Vulnerability
CUJO Smart Firewall is a home smart firewall device from CUJO USA. A denial of service vulnerability exists in the mdnscap binary in the CUJO Smart Firewall using firmware version 7003, which stems from the program failing to securely handle compressed pointers when parsing labels in mDNS packets...
CUJO Smart Firewall Integer Overflow Vulnerability
CUJO Smart Firewall is a home smart firewall device from CUJO USA. An integer overflow vulnerability exists in the mdnscap binary in CUJO Smart Firewalls using firmware version 7003, which stems from the program failing to properly handle the 'RDLENGTH' value when parsing SRV records in mDNS...
CUJO Smart Firewall mdnscap mDNS label compression denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the...
CUJO Smart Firewall mdnscap mDNS record parsing code execution vulnerability
Summary An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall. When parsing mDNS packets, a memory space is freed twice if an invalid query name is encountered, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated...