CVE-2008-2326

2008-09-1101:10:25

CWE-20

mitre

web.nvd.nist.gov

cve-2008-2326

mdnsresponder

bonjour namespace provider

apple bonjour

windows

denial of service

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

5.9

Confidence

Low

EPSS

0.011

Percentile

84.4%

JSON

mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for Windows before 1.0.5 allows attackers to cause a denial of service (NULL pointer dereference and application crash) by resolving a crafted .local domain name that contains a long label.

Affected configurations

Nvd

Node

applebonjourMatch1.0.4unknownwindows

AND

microsoftwindows-ntMatchxpsp3

microsoftwindows_2000Match-

microsoftwindows_2003_serverMatch-

microsoftwindows_vistaMatch-

microsoftwindows_xpMatch-sp2

VendorProductVersionCPE
applebonjour1.0.4cpe:2.3:a:apple:bonjour:1.0.4:unknown:windows:*:*:*:*:*
microsoftwindows-ntxpcpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
microsoftwindows_2000-cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*
microsoftwindows_2003_server-cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:*:*
microsoftwindows_vista-cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*
microsoftwindows_xp-cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	bonjour	1.0.4	cpe:2.3:a:apple:bonjour:1.0.4:unknown:windows:::::*
microsoft	windows-nt	xp	cpe:2.3:o:microsoft:windows-nt:xp:sp3::::::
microsoft	windows_2000	-	cpe:2.3:o:microsoft:windows_2000:-:::::::*
microsoft	windows_2003_server	-	cpe:2.3:o:microsoft:windows_2003_server:-:::::::*
microsoft	windows_vista	-	cpe:2.3:o:microsoft:windows_vista:-:::::::*
microsoft	windows_xp	-	cpe:2.3:o:microsoft:windows_xp:-:sp2::::::