Apple Bonjour for Windows mDNSResponder NULL Pointer Dereference Denial of Service Vulnerability

Bugtraq ID:	31091
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2008-2326
Remote:	Yes
Local:	No
Published:	Sep 09 2008 12:00AM
Updated:	Sep 10 2008 05:11PM
Credit:	Mario Ballano of 48bits.com
Vulnerable:	Apple Bonjour for Windows 1.0.4
Not Vulnerable:	Apple iTunes 8.0 Apple Bonjour for Windows 1.0.5

Apple Bonjour for Windows mDNSResponder NULL Pointer Dereference Denial of Service Vulnerability

Apple Bonjour for Windows is prone to a denial-of-service issue because of a NULL-pointer dereference.

Successfully exploiting this issue will allow attackers to crash the mDNSResponder system service, denying service to legitimate users.

Bonjour for Windows 1.0.4 is vulnerable.

Apple Bonjour for Windows mDNSResponder NULL Pointer Dereference Denial of Service Vulnerability

The following example domain is available:

http://diechromedie.1234567890123456789012345678901234567890123456789012345678901234.local/

Apple Bonjour for Windows mDNSResponder NULL Pointer Dereference Denial of Service Vulnerability

Solution:
Updates are available. Please see the references for more information.


Apple Bonjour for Windows 1.0.4

• Apple Bonjour for Windows 1.0.5
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=21079&cat= 59&platform=osx&method=sa/BonjourSetup.exe

Apple Bonjour for Windows mDNSResponder NULL Pointer Dereference Denial of Service Vulnerability

References:

• Apple�??s Windows Bonjour Namespace Service Provider flaw (Mario Ballano)
  
• Bonjour for Windows 1.0.5 (Apple)
  
• Cisco TelePresence Video Communication Server (VCS) Homepage (Cisco)