Gentoo Linux Security Advisory 201110-17 - Multiple vulnerabilities were found in Avahi, allowing for denial of service. Versions less than 0.6.28-r1 are affected.
dc4838a4a3921149fa968c2084299a3eaa472b65f62c8d3298ff304fc66f331bUbuntu Security Notice 1084-1 - It was discovered that Avahi incorrectly handled empty UDP packets. A remote attacker could send a specially-crafted packet and cause Avahi to hang, resulting in a denial of service.
5e28ae80a5f0802306a3dc8f39007d0a5907c9e14b785263f2fb74042863af1dMandriva Linux Security Advisory 2011-040 - It was discovered that pango did not check for memory reallocation failures in hb_buffer_ensure() function. This could trigger a NULL pointer dereference in hb_buffer_add_glyph(), where possibly untrusted input is used as an index used for accessing members of the incorrectly reallocated array, resulting in the use of NULL address as the base array address. This can result in application crash or, possibly, code execution. The updated packages have been patched to correct this issue.
c5b09e373563ef82a7c5f2f1998cb4c70210c22b3280d4d73887ba393b446858Debian Linux Security Advisory 2174-1 - It was discovered that avahi, an implementation of the zeroconf protocol, can be crashed remotely by a single UDP packet, which may result in a denial of service.
acf57aa474c9e0a972bc5304081c6c8a38e3bdc75a80db8de3551e80ad353db9Mandriva Linux Security Advisory 2011-037 - avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service via an empty IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
b4edc2d48e2b118b538b66c07b71c4376fd7f4b19f502be783b104e4065ba609
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed