34 matches found
EUVD-2017-3714
Malware in sbrugna...
EUVD-2017-3673
Malware in sbrugna...
CVE-2019-9747
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS Multicast DNS packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompressnlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a...
CVE-2019-9748
In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...
CVE-2019-9747
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS Multicast DNS packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompressnlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a...
CVE-2019-9748
In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...
CVE-2019-9747
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS Multicast DNS packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompressnlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a...
CVE-2019-9748
In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...
Information disclosure
In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...
Design/Logic Flaw
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS Multicast DNS packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompressnlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a...
CVE-2019-9748
Affected software: tinysvcmdns prior to 2018-01-16. Issue: processing a crafted mDNS packet can cause arbitrary data reads up to 16383 bytes from the buffer start, leading to a segmentation fault in uncompress_nlabel (mdns.c) and possible server crash, or disclosure of memory content via error me...
CVE-2019-9747
CVE-2019-9747 affects tinysvcmdns (through 2018-01-16). A crafted mDNS packet can cause an infinite loop in uncompress_nlabel when compressed labels reference each other, leading the mDNS server to hang after processing the packet. The issue is triggered during parsing of an mDNS query; no explic...
CVE-2019-9747
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS Multicast DNS packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompressnlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a...
tinysvcmdns library buffer overflow vulnerability
The tinysvcmdns library is a multicast DNS response library for services. A heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. An attacker can exploit this vulnerability by sending dns packets to cause the library to overwrite arbitrary data on the heap...
Heap overflow
An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...
DEBIAN-CVE-2017-12087
An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...
CVE-2017-12087
An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...
CVE-2017-12087
An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...
CVE-2017-12087
An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...
UBUNTU-CVE-2017-12087
An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...