Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title mDNSResponder: Multiple vulnerabilities
Informations
Name GLSA-201201-05 First vendor Publication 2012-01-20
Vendor Gentoo Last vendor Modification 2012-01-20
Severity (Vendor) High Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been found in mDNSResponder, which could lead to execution of arbitrary code with root privileges.

Background

mDNSResponder is a component of Apple's Bonjour, an initiative for zero-configuration networking.

Description

Multiple vulnerabilities have been discovered in mDNSResponder. Please review the CVE identifiers referenced below for details.

Impact

A local or remote attacker may be able to execute arbitrary code with root privileges or cause a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All mDNSResponder users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/mDNSResponder-212.1"

NOTE: This is a legacy GLSA. Updates for all affected architectures are available since November 21, 2009. It is likely that your system is already no longer affected by this issue.

References

[ 1 ] CVE-2007-2386 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2386
[ 2 ] CVE-2007-3744 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3744
[ 3 ] CVE-2007-3828 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3828
[ 4 ] CVE-2008-0989 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0989
[ 5 ] CVE-2008-2326 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2326
[ 6 ] CVE-2008-3630 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3630

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201201-05.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201201-05.xml

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-134 Uncontrolled Format String (CWE/SANS Top 25)
33 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 12
Os 12

OpenVAS Exploits

Date Description
2012-02-12 Name : Gentoo Security Advisory GLSA 201201-05 (mDNSResponder)
File : nvt/glsa_201201_05.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
54089 Apple Mac OS X mDNSResponder Unspecified Arbitrary Remote Code Execution

48020 Apple Bonjour for Windows mDNSResponder Bonjour API for Unicast DNS Transacti...

48019 Apple Bonjour for Windows Bonjour Namespace Provider mDNSResponder Domain Nam...

43391 Apple Mac OS X mDNSResponderHelper hostname Local Format String

36967 Apple Mac OS X mDNSResponder UPnP IGD Crafted Packet Remote Overflow

A buffer overflow exists in Mac OS X. The mDNS Responder fails to validate UPnP IGD packets resulting in a buffer overflow. With a specially crafted packet, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
35142 Apple Mac OS X mDNSResponder UPnP Internet Gateway Device (IGD) Packet Remote...

A buffer overflow exists in Mac OS X. The mDNSResponder fails to validate UPnP packets used by the Internet Gateway Daemon resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Windows UPnP Location overflow attempt
RuleID : 1388-community - Revision : 23 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows UPnP Location overflow attempt
RuleID : 1388 - Revision : 23 - Type : OS-WINDOWS
2014-01-10 Apple mDNSresponder excessive HTTP headers
RuleID : 12357 - Revision : 6 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2012-01-23 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201201-05.nasl - Type : ACT_GATHER_INFO
2008-09-18 Name : The remote Windows host has an application that is affected by multiple vulne...
File : bonjour_1_0_5.nasl - Type : ACT_GATHER_INFO
2008-03-19 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO
2007-08-02 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2007-007.nasl - Type : ACT_GATHER_INFO
2007-05-25 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2007-005.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:37:08
  • Multiple Updates