An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack, crashing the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2019-10-31T20:37:17
Updated: 2024-08-05T04:57:24.634Z
Reserved: 2018-01-02T00:00:00
Link: CVE-2018-4002
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-10-31T21:15:12.277
Modified: 2024-11-21T04:06:28.443
Link: CVE-2018-4002
Redhat
No data.