{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-12-12T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "33220", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33220"}, {"name": "[oss-security] 20081214 Avahi daemon DoS (CVE-2008-5081)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/12/14/1"}, {"name": "SUSE-SR:2009:003", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"}, {"name": "33279", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33279"}, {"name": "oval:org.mitre.oval:def:9987", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9987"}, {"name": "USN-696-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-696-1"}, {"name": "DSA-1690", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1690"}, {"name": "32825", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32825"}, {"name": "7520", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/7520"}, {"name": "GLSA-200901-11", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200901-11.xml"}, {"name": "33153", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33153"}, {"name": "33475", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33475"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://avahi.org/milestone/Avahi%200.6.24"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:40:17.167Z"}, "title": "CVE Program Container", "references": [{"name": "33220", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33220"}, {"name": "[oss-security] 20081214 Avahi daemon DoS (CVE-2008-5081)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2008/12/14/1"}, {"name": "SUSE-SR:2009:003", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"}, {"name": "33279", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33279"}, {"name": "oval:org.mitre.oval:def:9987", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9987"}, {"name": "USN-696-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-696-1"}, {"name": "DSA-1690", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1690"}, {"name": "32825", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32825"}, {"name": "7520", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/7520"}, {"name": "GLSA-200901-11", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200901-11.xml"}, {"name": "33153", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33153"}, {"name": "33475", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33475"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://avahi.org/milestone/Avahi%200.6.24"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-5081", "datePublished": "2008-12-17T02:00:00.000Z", "dateReserved": "2008-11-14T00:00:00.000Z", "dateUpdated": "2024-08-07T10:40:17.167Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1E36434-D6E7-409A-BB41-CA9F6A9E9B31", "versionEndIncluding": "0.6.23", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EB4B0D9D-FEBD-4C27-8208-CCB5BA5975AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EA69351E-9DB3-4F0E-AE4D-C5448BD0D99B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "236CE850-B281-428F-8E2D-E0CC649C79FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "1C1BDC60-035E-4F42-8FE2-1B1E22DC64B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FC11CFE6-B57C-484C-8F10-9F68FED7B467", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "9CC276CA-DC35-4955-82C6-EC0059970195", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "7D330EA3-8EB9-4498-B6AD-787FF14ACE39", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "3AACF748-AF75-46B3-BCF7-5E51FE51AB5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D210D68-75A5-4518-B012-23474DA04E04", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "FB8A5591-6D72-4E74-A187-936A900CB1F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "B839D606-3383-4887-862A-3E72F134352F", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "D78AC30C-D5F7-4142-B4F2-1132BF0D1000", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "5FBA6408-1181-44DA-9C75-734AD745780C", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "7C0D4625-24B2-4BF7-B32B-7BCC12C8BD1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "8266D64B-B067-413E-BDA7-4AB770D4F570", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "F99BF964-2FC8-45B5-AD69-4790179B8AF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "9CA79F96-1C98-49BE-8197-D52B8B6DEF24", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "6FF6E882-B66D-4B84-AFE7-D96B1B43E65D", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "AC5A8266-1859-45EB-9F16-BF0A5DE1A651", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.13:*:*:*:*:*:*:*", "matchCriteriaId": "DC2000C5-238B-43EF-B374-E7505CC61B29", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.14:*:*:*:*:*:*:*", "matchCriteriaId": "9BAC2B1B-C800-410D-8484-569675FFD484", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.15:*:*:*:*:*:*:*", "matchCriteriaId": "BD6F264D-6E78-4E57-96F7-C8B86BDFBD95", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.16:*:*:*:*:*:*:*", "matchCriteriaId": "2A18985C-8EBB-43A0-BCFC-5CF08DF9D3A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.17:*:*:*:*:*:*:*", "matchCriteriaId": "26E4AECD-B872-46D5-AAA0-280CC32E2F64", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "563F6941-3A7E-4C44-BAC8-C19BDED9BDF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.19:*:*:*:*:*:*:*", "matchCriteriaId": "12B07E9A-345B-4E14-9D0D-5CAB84761D93", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.20:*:*:*:*:*:*:*", "matchCriteriaId": "5A187641-2E8C-4B40-B861-E49294F3E39F", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.21:*:*:*:*:*:*:*", "matchCriteriaId": "C6FE243E-6E65-4726-832D-0585FE31A182", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.22:*:*:*:*:*:*:*", "matchCriteriaId": "735FEE37-3948-46DD-A56F-42078EF31345", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure."}, {"lang": "es", "value": "La funci\u00f3n originates_from_local_legacy_unicast_socket (avahi-core/server.c)en avahi-daemon en Avahi anterior a v0.6.24 permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un paquete mDNS manipulado con un puerto de origen de 0, que dispara un fallo de evaluaci\u00f3n."}], "id": "CVE-2008-5081", "lastModified": "2026-04-23T00:35:47.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-12-17T02:30:00.187", "references": [{"source": "secalert@redhat.com", "url": "http://avahi.org/milestone/Avahi%200.6.24"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/33153"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/33220"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/33279"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/33475"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200901-11.xml"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1690"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2008/12/14/1"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/32825"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-696-1"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9987"}, {"source": "secalert@redhat.com", "url": "https://www.exploit-db.com/exploits/7520"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://avahi.org/milestone/Avahi%200.6.24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33153"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33220"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33279"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33475"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200901-11.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1690"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2008/12/14/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/32825"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-696-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9987"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/7520"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2009:0013", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "avahi-0:0.6.16-1.el5_2.1", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2009-01-12T00:00:00Z"}], "bugzilla": {"description": "avahi: avahi-daemon DoS (application abort) via packet with source port 0", "id": "475964", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=475964"}, "csaw": false, "cvss": {"cvss_base_score": "3.3", "cvss_scoring_vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure."], "name": "CVE-2008-5081", "public_date": "2008-12-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2008-5081\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-5081"], "threat_severity": "Moderate"}

{}