The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets. By sending a specially-crafted UDP packet to UDP port 5353, a remote attacker could exploit the vulnerability to cause the application to enter into an infinite loop. References:, Īvahi is vulnerable to a denial of service, caused by a NULL pointer dereference error within the avahi-core/socket.c. Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address.Īvahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS IPv4 or IPv6 UDP packet to port 5353. TeamViewer remote desktop protocol uses ports 5938/TCP, 5939/TCP, 5353/UDPīackdoor.Optix.04.E (2004.02.10) - a backdoor trojan horse that gives an attacker unauthorized access to an infected computer by opening TCP port 5353 and listening for incoming connections. ![]() ![]() ![]() Plex Media Server uses port 5353 UDP locally for older Bonjour/Avahi network discovery.
0 Comments
Leave a Reply. |