Novell Home

CVE-2008-5081

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2008-5081 at MITRE

Description

The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Novell/SUSE information

Novell Bugzilla entry: 459007, 646961

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 10.3
  • avahi >= 0.6.20-40.2
  • avahi-32bit >= 0.6.20-40.2
  • avahi-64bit >= 0.6.20-40.2
  • avahi-compat-howl >= 0.6.20-40.2
  • avahi-compat-howl-devel >= 0.6.20-40.2
  • avahi-compat-mDNSResponder >= 0.6.20-40.2
  • avahi-compat-mDNSResponder-32bit >= 0.6.20-40.2
  • avahi-compat-mDNSResponder-64bit >= 0.6.20-40.2
  • avahi-compat-mDNSResponder-devel >= 0.6.20-40.2
  • avahi-devel >= 0.6.20-40.2
  • avahi-glib >= 0.6.20-40.2
  • avahi-glib-32bit >= 0.6.20-40.2
  • avahi-glib-64bit >= 0.6.20-40.2
  • avahi-python >= 0.6.20-40.2
  • avahi-qt3 >= 0.6.20-40.2
  • avahi-qt4 >= 0.6.20-40.2
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP2 for x86
  • avahi >= 0.6.5-29.19
  • avahi-glib >= 0.6.5-29.19
 sle10-sp2-sdk.x86-64
sle10-sp2-sdk.x86
sle10-sp2-sdk.ppc
sled10-sp2.x86-64
sle10-sp2-sdk.ia64
sle10-sp2-sdk.s390x
sled10-sp2.x86
ZYPP Patch Nr: 5870

© 2012 Novell