221763 – CVE-2006-6870 Maliciously crafted packed can DoS avahi daemon

Bug 221763 - CVE-2006-6870 Maliciously crafted packed can DoS avahi daemon

Summary: CVE-2006-6870 Maliciously crafted packed can DoS avahi daemon

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	avahi
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Martin Bacovsky
QA Contact:
Docs Contact:
URL:	http://avahi.org/ticket/84
Whiteboard:	source=gentoo,impact=important,public...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-01-07 17:07 UTC by Martin Bacovsky
Modified:	2007-11-30 22:11 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-01-22 13:07:52 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Martin Bacovsky 2007-01-07 17:07:11 UTC

+++ This bug was initially created as a clone of Bug #221440 +++

+++ This bug was initially created as a clone of Bug #221439 +++

Description of problem:

Malformed compressed packed can trigger an endless loop
consuming 100% of cpu time upon its reception.

Version-Release number of selected component (if applicable):

FC5 (0.6.11), FC6 (0.6.15), RHEL5 (0.6.15)

Steps to Reproduce:

No reproducer available.

-- Additional comment from lkundrak on 2007-01-04 12:39 EST --
Created an attachment (id=144823)
Upstram patch for avahi Ticket #84 bug

Comment 1 Martin Bacovsky 2007-01-22 13:07:52 UTC

This issue should be resolved in RAWHIDE version (avahi-0.6.16-1.fc7)

Note You need to log in before you can comment on or make changes to this bug.