CVE-2009-0758

EPSS 1.1%

avahi - denial of service

發布日:2009/3/3修改日:2026/4/28

也稱為:DEBIAN-CVE-2009-0758

描述

The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.

受影響套件(2)

Debian/avahifrom 0, < 0.6.24-3
Debian/avahifrom 0, < 0.6.23-3lenny2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-0758