CVE-2008-5081
avahi - denial of service
EPSS 77.1%
Description
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
How to fix CVE-2008-5081
To remediate CVE-2008-5081, upgrade the affected package to a fixed version below.
- Debian/avahi—upgrade to 0.6.23-3 or later
- Debian/avahi—upgrade to 0.6.22-3+lenny1 or later
Is CVE-2008-5081 being exploited?
Likely — EPSS is 77.1%, placing CVE-2008-5081 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (2)
- from 0, < 0.6.23-3
- from 0, < 0.6.22-3+lenny1