Vulnerabilities > CVE-2008-5081 - Resource Management Errors vulnerability in Avahi

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
avahi
CWE-399
nessus
exploit available
metasploit

Summary

The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionAvahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit. CVE-2008-5081. Dos exploits for multiple platform
fileexploits/multiple/dos/7520.c
idEDB-ID:7520
last seen2016-02-01
modified2008-12-19
platformmultiple
port
published2008-12-19
reporterJon Oberheide
sourcehttps://www.exploit-db.com/download/7520/
titleAvahi < 0.6.24 mDNS Daemon Remote Denial of Service Exploit
typedos

Metasploit

descriptionAvahi-daemon versions prior to 0.6.24 can be DoS'd with an mDNS packet with a source port of 0.
idMSF:AUXILIARY/DOS/MDNS/AVAHI_PORTZERO
last seen2020-05-26
modified2017-07-24
published2010-02-23
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/mdns/avahi_portzero.rb
titleAvahi Source Port 0 DoS

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_AVAHI-081218.NASL
    descriptionSpecially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081).
    last seen2020-06-01
    modified2020-06-02
    plugin id39919
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39919
    titleopenSUSE Security Update : avahi (avahi-384)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090112_AVAHI_ON_SL5_X.NASL
    descriptionHugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) After installing the update, the avahi-daemon will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id60518
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60518
    titleScientific Linux Security Update : avahi on SL5.x i386/x86_64
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-0013.NASL
    descriptionUpdated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id43726
    published2010-01-06
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43726
    titleCentOS 5 : avahi (CESA-2009:0013)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_AVAHI-5870.NASL
    descriptionSpecially crafted mDNS packets could crash the Avahi daemon. (CVE-2008-5081)
    last seen2020-06-01
    modified2020-06-02
    plugin id51718
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51718
    titleSuSE 10 Security Update : avahi (ZYPP Patch Number 5870)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-0013.NASL
    descriptionFrom Red Hat Security Advisory 2009:0013 : Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id67789
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67789
    titleOracle Linux 5 : avahi (ELSA-2009-0013)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-11351.NASL
    descriptionThis version includes five patches backported from the recently released 0.6.24 : - A trivial security fix for CVE-2008-5081, rhbz 475964. - A trivial fix for the threaded event loop, avahi bts #251 - A trivial fix unbreaking the --force-bind logic of avahi-autoipd, avahi bts #209 - A trivial fix to make sure we never end up with an invalid IP address in avahi-autoipd, avahi bts #231 - A trivial change to include the host name of the sender when we receive bogus mDNS packets, rhbz #438013 All changes are
    last seen2020-06-01
    modified2020-06-02
    plugin id37488
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37488
    titleFedora 10 : avahi-0.6.22-12.fc10 (2008-11351)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2009-031.NASL
    descriptionA vulnerability has been discovered in Avahi before 0.6.24, which allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0 (CVE-2008-5081). The updated packages have been patched to prevent this.
    last seen2020-06-01
    modified2020-06-02
    plugin id36599
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36599
    titleMandriva Linux Security Advisory : avahi (MDVSA-2009:031)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-0013.NASL
    descriptionUpdated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id35358
    published2009-01-13
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35358
    titleRHEL 5 : avahi (RHSA-2009:0013)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-696-1.NASL
    descriptionEmanuele Aina discovered that Avahi did not properly validate its input when processing data over D-Bus. A local attacker could send an empty TXT message via D-Bus and cause a denial of service (failed assertion). This issue only affected Ubuntu 6.06 LTS. (CVE-2007-3372) Hugo Dias discovered that Avahi did not properly verify its input when processing mDNS packets. A remote attacker could send a crafted mDNS packet and cause a denial of service (assertion failure). (CVE-2008-5081). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id36657
    published2009-04-23
    reporterUbuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36657
    titleUbuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : avahi vulnerabilities (USN-696-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1690.NASL
    descriptionTwo denial of service conditions were discovered in avahi, a Multicast DNS implementation. Huge Dias discovered that the avahi daemon aborts with an assert error if it encounters a UDP packet with source port 0 (CVE-2008-5081 ). It was discovered that the avahi daemon aborts with an assert error if it receives an empty TXT record over D-Bus (CVE-2007-3372 ).
    last seen2020-06-01
    modified2020-06-02
    plugin id35253
    published2008-12-22
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35253
    titleDebian DSA-1690-1 : avahi - assert errors
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_AVAHI-081218.NASL
    descriptionSpecially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081).
    last seen2020-06-01
    modified2020-06-02
    plugin id40192
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40192
    titleopenSUSE Security Update : avahi (avahi-384)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2010-204.NASL
    descriptionA vulnerability was discovered and corrected in avahi : The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081 (CVE-2010-2244). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90 The updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id49989
    published2010-10-15
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49989
    titleMandriva Linux Security Advisory : avahi (MDVSA-2010:204)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_AVAHI-5882.NASL
    descriptionSpecially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081).
    last seen2020-06-01
    modified2020-06-02
    plugin id35565
    published2009-02-01
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35565
    titleopenSUSE 10 Security Update : avahi (avahi-5882)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200901-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200901-11 (Avahi: Denial of Service) Hugo Dias reported a failed assertion in the originates_from_local_legacy_unicast_socket() function in avahi-core/server.c when processing mDNS packets with a source port of 0. Impact : A remote attacker could send specially crafted packets to the daemon, leading to its crash. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id35380
    published2009-01-15
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35380
    titleGLSA-200901-11 : Avahi: Denial of Service

Oval

accepted2013-04-29T04:23:55.086-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionThe originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
familyunix
idoval:org.mitre.oval:def:9987
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleThe originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
version18

Redhat

advisories
bugzilla
id475964
titleCVE-2008-5081 avahi: avahi-daemon DoS (application abort) via packet with source port 0
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 5 is installed
      ovaloval:com.redhat.rhba:tst:20070331005
    • OR
      • AND
        • commentavahi-devel is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013001
        • commentavahi-devel is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013002
      • AND
        • commentavahi-compat-howl is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013003
        • commentavahi-compat-howl is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013004
      • AND
        • commentavahi-glib is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013005
        • commentavahi-glib is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013006
      • AND
        • commentavahi is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013007
        • commentavahi is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013008
      • AND
        • commentavahi-qt3-devel is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013009
        • commentavahi-qt3-devel is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013010
      • AND
        • commentavahi-glib-devel is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013011
        • commentavahi-glib-devel is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013012
      • AND
        • commentavahi-compat-howl-devel is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013013
        • commentavahi-compat-howl-devel is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013014
      • AND
        • commentavahi-compat-libdns_sd is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013015
        • commentavahi-compat-libdns_sd is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013016
      • AND
        • commentavahi-qt3 is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013017
        • commentavahi-qt3 is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013018
      • AND
        • commentavahi-tools is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013019
        • commentavahi-tools is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013020
      • AND
        • commentavahi-compat-libdns_sd-devel is earlier than 0:0.6.16-1.el5_2.1
          ovaloval:com.redhat.rhsa:tst:20090013021
        • commentavahi-compat-libdns_sd-devel is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20090013022
rhsa
idRHSA-2009:0013
released2009-01-12
severityModerate
titleRHSA-2009:0013: avahi security update (Moderate)
rpms
  • avahi-0:0.6.16-1.el5_2.1
  • avahi-compat-howl-0:0.6.16-1.el5_2.1
  • avahi-compat-howl-devel-0:0.6.16-1.el5_2.1
  • avahi-compat-libdns_sd-0:0.6.16-1.el5_2.1
  • avahi-compat-libdns_sd-devel-0:0.6.16-1.el5_2.1
  • avahi-debuginfo-0:0.6.16-1.el5_2.1
  • avahi-devel-0:0.6.16-1.el5_2.1
  • avahi-glib-0:0.6.16-1.el5_2.1
  • avahi-glib-devel-0:0.6.16-1.el5_2.1
  • avahi-qt3-0:0.6.16-1.el5_2.1
  • avahi-qt3-devel-0:0.6.16-1.el5_2.1
  • avahi-tools-0:0.6.16-1.el5_2.1

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:66077
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-66077
    titleAvahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:10283
    last seen2017-11-19
    modified2008-12-21
    published2008-12-21
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-10283
    titleAvahi &lt; 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit