VDB
CVE-2008-5081
CVE-2008-5081
PUBLISHED
CVSS 5 MEDIUM
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
EPSS 77.08% · 99.0th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
77.08%
99.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| avahi | avahi | 0.2, 0, 0.1 |
| n/a | n/a | n/a |
Exploit Intelligence
- CIRCL seen: CVE-2008-5081 (circl-sighting)
- CIRCL seen: CVE-2008-5081 (circl-sighting)
- CIRCL seen: CVE-2008-5081 (circl-sighting)
- 32825 (circl)
- 33153 (circl)
- oval:org.mitre.oval:def:9987 (circl)
- USN-696-1 (circl)
- DSA-1690 (circl)
- 33220 (circl)
- GLSA-200901-11 (circl)
…and 8 more exploits
Timeline
- Dec 17, 2008 CVE Published
- Dec 19, 2008 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 17, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- 33220 third-party-advisory
- [oss-security] 20081214 Avahi daemon DoS (CVE-2008-5081) mailing-list
- SUSE-SR:2009:003 vendor-advisory
- 33279 third-party-advisory
- oval:org.mitre.oval:def:9987 vdb
- USN-696-1 vendor-advisory
- DSA-1690 vendor-advisory
- 32825 vdb
- 7520 exploit
- GLSA-200901-11 vendor-advisory
- 33153 third-party-advisory
- 33475 third-party-advisory
- http://avahi.org/milestone/Avahi%200.6.24 url
- https://nvd.nist.gov/vuln/detail/CVE-2008-5081 advisory