Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP

From: Steven M. Christey <coley_at_nospam>
Date: Tue Feb 22 2011 - 17:27:37 GMT
To: oss-security@lists.openwall.com

On Fri, 18 Feb 2011, Josh Bressers wrote:

> I just gave it CVE-2011-1002.
>
> Thanks for pointing this out!

The original researcher, nuh, originally requested CVE-2011-0634 for this
issue. I see that the RH bug 667187 lists both CVEs, so maybe there was a
race condition in CVE assignment somewhere?

Let's prefer CVE-2011-1002, and I will REJECT CVE-2011-0634.

- Steve

> --
> JB
>
> ----- Original Message -----
>> Hello,
>> does the following need a CVE-ID or already has one assigned?
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=667187
>>
>>
>> Thanks,
>> Thomas
>>
>> --
>> Thomas Biege <thomas@suse.de>, SUSE LINUX, Security Support & Auditing
>> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
>> --
>> Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
>> -- Marie von Ebner-Eschenbach
>

This message: [ Message body ]
Next message: Josh Bressers: "Re: [oss-security] CVE request: kernel: fs/partitions: validate map_count in mac partition tables"
Previous message: YGN Ethical Hacker Group: "[oss-security] CVE Request: Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability"
In reply to: Josh Bressers: "Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]