CVE-2018-4011

Name of the Vulnerable Software and Affected Versions CUJO Smart Firewall version 7003

Description The issue is related to an integer underflow vulnerability in the mdnscap binary. It occurs when parsing SRV records in an mDNS packet, where the RDLENGTH value is handled incorrectly. This leads to an out-of-bounds access, causing the mdnscap process to crash. An unauthenticated attacker can trigger this issue by sending a specially crafted mDNS message.

Recommendations For version 7003, consider disabling the mdnscap binary or restricting its access to mDNS packets until a patch is available. As a temporary workaround, avoid parsing SRV records from untrusted sources to minimize the risk of exploitation.