An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack, crashing the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published: 2019-10-31T20:37:17

Updated: 2024-08-05T04:57:24.634Z

Reserved: 2018-01-02T00:00:00

Link: CVE-2018-4002

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-10-31T21:15:12.277

Modified: 2024-11-21T04:06:28.443

Link: CVE-2018-4002

cve-icon Redhat

No data.