cve/2018/CVE-2018-4011.md

### [CVE-2018-4011](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4011)
![](https://img.shields.io/static/v1?label=Product&message=CUJO&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=integer%20underflow&color=brighgreen)

### Description

An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability.

### POC

#### Reference
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0681

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-4011](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4011)`
			`![](https://img.shields.io/static/v1?label=Product&message=CUJO&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=integer%20underflow&color=brighgreen)`

			`### Description`

			`An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability.`

			`### POC`

			`#### Reference`
			`- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0681`

			`#### Github`
			`No PoCs found on GitHub currently.`