Vulnerabilities > CVE-2008-5081 - Resource Management Errors vulnerability in Avahi
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit. CVE-2008-5081. Dos exploits for multiple platform |
| file | exploits/multiple/dos/7520.c |
| id | EDB-ID:7520 |
| last seen | 2016-02-01 |
| modified | 2008-12-19 |
| platform | multiple |
| port | |
| published | 2008-12-19 |
| reporter | Jon Oberheide |
| source | https://www.exploit-db.com/download/7520/ |
| title | Avahi < 0.6.24 mDNS Daemon Remote Denial of Service Exploit |
| type | dos |
Metasploit
| description | Avahi-daemon versions prior to 0.6.24 can be DoS'd with an mDNS packet with a source port of 0. |
| id | MSF:AUXILIARY/DOS/MDNS/AVAHI_PORTZERO |
| last seen | 2020-05-26 |
| modified | 2017-07-24 |
| published | 2010-02-23 |
| references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081 |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/mdns/avahi_portzero.rb |
| title | Avahi Source Port 0 DoS |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_0_AVAHI-081218.NASL description Specially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081). last seen 2020-06-01 modified 2020-06-02 plugin id 39919 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39919 title openSUSE Security Update : avahi (avahi-384) NASL family Scientific Linux Local Security Checks NASL id SL_20090112_AVAHI_ON_SL5_X.NASL description Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) After installing the update, the avahi-daemon will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 60518 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60518 title Scientific Linux Security Update : avahi on SL5.x i386/x86_64 NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2009-0013.NASL description Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 43726 published 2010-01-06 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43726 title CentOS 5 : avahi (CESA-2009:0013) NASL family SuSE Local Security Checks NASL id SUSE_AVAHI-5870.NASL description Specially crafted mDNS packets could crash the Avahi daemon. (CVE-2008-5081) last seen 2020-06-01 modified 2020-06-02 plugin id 51718 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51718 title SuSE 10 Security Update : avahi (ZYPP Patch Number 5870) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2009-0013.NASL description From Red Hat Security Advisory 2009:0013 : Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 67789 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67789 title Oracle Linux 5 : avahi (ELSA-2009-0013) NASL family Fedora Local Security Checks NASL id FEDORA_2008-11351.NASL description This version includes five patches backported from the recently released 0.6.24 : - A trivial security fix for CVE-2008-5081, rhbz 475964. - A trivial fix for the threaded event loop, avahi bts #251 - A trivial fix unbreaking the --force-bind logic of avahi-autoipd, avahi bts #209 - A trivial fix to make sure we never end up with an invalid IP address in avahi-autoipd, avahi bts #231 - A trivial change to include the host name of the sender when we receive bogus mDNS packets, rhbz #438013 All changes are last seen 2020-06-01 modified 2020-06-02 plugin id 37488 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/37488 title Fedora 10 : avahi-0.6.22-12.fc10 (2008-11351) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-031.NASL description A vulnerability has been discovered in Avahi before 0.6.24, which allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0 (CVE-2008-5081). The updated packages have been patched to prevent this. last seen 2020-06-01 modified 2020-06-02 plugin id 36599 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/36599 title Mandriva Linux Security Advisory : avahi (MDVSA-2009:031) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2009-0013.NASL description Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 35358 published 2009-01-13 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/35358 title RHEL 5 : avahi (RHSA-2009:0013) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-696-1.NASL description Emanuele Aina discovered that Avahi did not properly validate its input when processing data over D-Bus. A local attacker could send an empty TXT message via D-Bus and cause a denial of service (failed assertion). This issue only affected Ubuntu 6.06 LTS. (CVE-2007-3372) Hugo Dias discovered that Avahi did not properly verify its input when processing mDNS packets. A remote attacker could send a crafted mDNS packet and cause a denial of service (assertion failure). (CVE-2008-5081). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 36657 published 2009-04-23 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/36657 title Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : avahi vulnerabilities (USN-696-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1690.NASL description Two denial of service conditions were discovered in avahi, a Multicast DNS implementation. Huge Dias discovered that the avahi daemon aborts with an assert error if it encounters a UDP packet with source port 0 (CVE-2008-5081 ). It was discovered that the avahi daemon aborts with an assert error if it receives an empty TXT record over D-Bus (CVE-2007-3372 ). last seen 2020-06-01 modified 2020-06-02 plugin id 35253 published 2008-12-22 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/35253 title Debian DSA-1690-1 : avahi - assert errors NASL family SuSE Local Security Checks NASL id SUSE_11_1_AVAHI-081218.NASL description Specially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081). last seen 2020-06-01 modified 2020-06-02 plugin id 40192 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40192 title openSUSE Security Update : avahi (avahi-384) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-204.NASL description A vulnerability was discovered and corrected in avahi : The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081 (CVE-2010-2244). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 The updated packages have been patched to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 49989 published 2010-10-15 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49989 title Mandriva Linux Security Advisory : avahi (MDVSA-2010:204) NASL family SuSE Local Security Checks NASL id SUSE_AVAHI-5882.NASL description Specially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081). last seen 2020-06-01 modified 2020-06-02 plugin id 35565 published 2009-02-01 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35565 title openSUSE 10 Security Update : avahi (avahi-5882) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200901-11.NASL description The remote host is affected by the vulnerability described in GLSA-200901-11 (Avahi: Denial of Service) Hugo Dias reported a failed assertion in the originates_from_local_legacy_unicast_socket() function in avahi-core/server.c when processing mDNS packets with a source port of 0. Impact : A remote attacker could send specially crafted packets to the daemon, leading to its crash. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 35380 published 2009-01-15 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35380 title GLSA-200901-11 : Avahi: Denial of Service
Oval
| accepted | 2013-04-29T04:23:55.086-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| definition_extensions |
| ||||||||||||
| description | The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:9987 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||
| title | The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure. | ||||||||||||
| version | 18 |
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
Seebug
bulletinFamily exploit description No description provided by source. id SSV:66077 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-66077 title Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit bulletinFamily exploit description No description provided by source. id SSV:10283 last seen 2017-11-19 modified 2008-12-21 published 2008-12-21 reporter Root source https://www.seebug.org/vuldb/ssvid-10283 title Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
References
- http://avahi.org/milestone/Avahi%200.6.24
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html
- http://secunia.com/advisories/33153
- http://secunia.com/advisories/33220
- http://secunia.com/advisories/33279
- http://secunia.com/advisories/33475
- http://security.gentoo.org/glsa/glsa-200901-11.xml
- http://www.debian.org/security/2008/dsa-1690
- http://www.openwall.com/lists/oss-security/2008/12/14/1
- http://www.securityfocus.com/bid/32825
- http://www.ubuntu.com/usn/usn-696-1
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9987
- https://www.exploit-db.com/exploits/7520