CVE-2008-5081

Name of the Vulnerable Software and Affected Versions Avahi versions prior to 0.6.24

Description The issue allows remote attackers to cause a denial of service, potentially disrupting the availability of protected information. This can be achieved by sending a crafted mDNS packet with a source port of 0, which triggers an assertion failure in the originates from local legacy unicast socket function. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For Avahi versions prior to 0.6.24, update to version 0.6.24 or later to resolve the issue. As a temporary workaround, consider restricting access to the originates from local legacy unicast socket function in the avahi-daemon to minimize the risk of exploitation.