CVE-2008-5081

The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.

Published: Dec 17, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-5081
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
avahi / avahi	0.6.5	0.6.5.x
avahi / avahi	0.6.20	0.6.20.x
avahi / avahi	0.6.19	0.6.19.x
avahi / avahi	0.5.2	0.5.2.x
avahi / avahi	0.6.1	0.6.1.x
avahi / avahi	0.6.13	0.6.13.x
avahi / avahi	0.6.15	0.6.15.x
avahi / avahi	0.6.7	0.6.7.x
avahi / avahi	0.6.17	0.6.17.x
avahi / avahi	0.6.16	0.6.16.x
avahi / avahi	0.3	0.3.x
avahi / avahi	0.6.9	0.6.9.x
avahi / avahi	0.2	0.2.x
avahi / avahi	0.1	0.1.x
avahi / avahi	0.6.14	0.6.14.x
avahi / avahi	0.6.10	0.6.10.x
avahi / avahi	0.6.6	0.6.6.x
avahi / avahi	0.5	0.5.x
avahi / avahi	0.6.22	0.6.22.x
avahi / avahi	0.6.4	0.6.4.x
avahi / avahi	0.6.11	0.6.11.x
avahi / avahi	0.6.3	0.6.3.x
avahi / avahi	0.6.8	0.6.8.x
avahi / avahi	0.6.18	0.6.18.x
avahi / avahi	0.6.12	0.6.12.x
avahi / avahi	0.4	0.4.x
avahi / avahi	0.6.21	0.6.21.x
avahi / avahi	0.6.2	0.6.2.x
avahi / avahi	0.5.1	0.5.1.x
avahi / avahi	-	0.6.23.x

Vulnerability Database

289,697

CVE-2008-5081