oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE request: avahi daemon remot

Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP

From: Steven M. Christey <coley_at_nospam>
Date: Tue Feb 22 2011 - 17:27:37 GMT
To: oss-security@lists.openwall.com

On Fri, 18 Feb 2011, Josh Bressers wrote:

> I just gave it CVE-2011-1002.
>
> Thanks for pointing this out!

The original researcher, nuh, originally requested CVE-2011-0634 for this
issue. I see that the RH bug 667187 lists both CVEs, so maybe there was a
race condition in CVE assignment somewhere?

Let's prefer CVE-2011-1002, and I will REJECT CVE-2011-0634.

- Steve

> --
> JB
>
> ----- Original Message -----
>> Hello,
>> does the following need a CVE-ID or already has one assigned?
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=667187
>>
>>
>> Thanks,
>> Thomas
>>
>> --
>> Thomas Biege <thomas@suse.de>, SUSE LINUX, Security Support & Auditing
>> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
>> --
>> Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
>> -- Marie von Ebner-Eschenbach
>