CVE-2007-3372

Related Files

Debian Linux Security Advisory 1690-1

Posted Dec 30, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1690-1 - Two denial of service conditions were discovered in avahi, a Multicast DNS implementation.

tags | advisory, denial of service

systems | linux, debian

advisories | CVE-2007-3372, CVE-2008-5081

SHA-256 | ef1a5df07104978bb17173fe99f506005c7a6bbe6cf093b6fdec41e6a73983b8

Download | Favorite | View

Ubuntu Security Notice 696-1

Posted Dec 30, 2008

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-696-1 - Emanuele Aina discovered that Avahi did not properly validate it's input when processing data over D-Bus. A local attacker could send an empty TXT message via D-Bus and cause a denial of service (failed assertion). This issue only affected Ubuntu 6.06 LTS. Hugo Dias discovered that Avahi did not properly verify it's input when processing mDNS packets. A remote attacker could send a crafted mDNS packet and cause a denial of service (assertion failure).

tags | advisory, remote, denial of service, local

systems | linux, ubuntu

advisories | CVE-2007-3372, CVE-2008-5081

SHA-256 | 4ed8338613bd90bd9db4370e94dd72fdf7c7aeb5538276764c37e414ec7895f3

Download | Favorite | View

Mandriva Linux Security Advisory 2007.185

Posted Sep 18, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Avahi daemon in 0.6.20 and previous allows attackers to cause a denial of service via empty TXT data over D-Bus, which triggers an assert error.

tags | advisory, denial of service

systems | linux, mandriva

advisories | CVE-2007-3372

SHA-256 | 2975f9882100605d91b524f1ccf697a2b0e184927a8e9ccc4e9208c694ed6e31

Download | Favorite | View