Vulnerabilities > CVE-2009-0758 - Resource Management Errors vulnerability in Avahi Avahi-Daemon 0.6.23
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_AVAHI-100119.NASL description The avahi-daemon reflector could cause packet storms when reflecting legacy unicast mDNS traffic (CVE-2009-0758). This has been fixed. last seen 2020-06-01 modified 2020-06-02 plugin id 44378 published 2010-02-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44378 title SuSE 11 Security Update : avahi (SAT Patch Number 1827) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(44378); script_version("1.11"); script_cvs_date("Date: 2019/10/25 13:36:39"); script_cve_id("CVE-2009-0758"); script_name(english:"SuSE 11 Security Update : avahi (SAT Patch Number 1827)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The avahi-daemon reflector could cause packet storms when reflecting legacy unicast mDNS traffic (CVE-2009-0758). This has been fixed." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=480865" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-0758.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 1827."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:avahi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:avahi-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libavahi-client3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libavahi-client3-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libavahi-common3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libavahi-common3-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libavahi-core5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libdns_sd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libdns_sd-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0"); flag = 0; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"avahi-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"avahi-lang-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"libavahi-client3-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"libavahi-common3-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"libavahi-core5-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"libdns_sd-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"avahi-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"avahi-lang-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libavahi-client3-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libavahi-client3-32bit-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libavahi-common3-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libavahi-common3-32bit-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libavahi-core5-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libdns_sd-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libdns_sd-32bit-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, reference:"avahi-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, reference:"avahi-lang-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, reference:"libavahi-client3-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, reference:"libavahi-common3-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, reference:"libavahi-core5-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, reference:"libdns_sd-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"libavahi-client3-32bit-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"libavahi-common3-32bit-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"libdns_sd-32bit-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"libavahi-client3-32bit-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"libavahi-common3-32bit-0.6.23-11.14.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"libdns_sd-32bit-0.6.23-11.14.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200904-10.NASL description The remote host is affected by the vulnerability described in GLSA-200904-10 (Avahi: Denial of Service) Rob Leslie reported that the originates_from_local_legacy_unicast_socket() function in avahi-core/server.c does not account for the network byte order of a port number when processing incoming multicast packets, leading to a multicast packet storm. Impact : A remote attacker could send specially crafted legacy unicast mDNS query packets to the Avahi daemon, resulting in a Denial of Service due to network bandwidth and CPU consumption. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 36138 published 2009-04-11 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/36138 title GLSA-200904-10 : Avahi: Denial of Service code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200904-10. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(36138); script_version("1.11"); script_cvs_date("Date: 2019/08/02 13:32:45"); script_cve_id("CVE-2009-0758"); script_xref(name:"GLSA", value:"200904-10"); script_name(english:"GLSA-200904-10 : Avahi: Denial of Service"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200904-10 (Avahi: Denial of Service) Rob Leslie reported that the originates_from_local_legacy_unicast_socket() function in avahi-core/server.c does not account for the network byte order of a port number when processing incoming multicast packets, leading to a multicast packet storm. Impact : A remote attacker could send specially crafted legacy unicast mDNS query packets to the Avahi daemon, resulting in a Denial of Service due to network bandwidth and CPU consumption. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200904-10" ); script_set_attribute( attribute:"solution", value: "All Avahi users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-dns/avahi-0.6.24-r2'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:avahi"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2009/04/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"net-dns/avahi", unaffected:make_list("ge 0.6.24-r2"), vulnerable:make_list("lt 0.6.24-r2"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Avahi"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0622.NASL description Updated rhev-hypervisor packages that fix multiple security issues and two bugs are now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. It was found that the libspice component of QEMU-KVM on the host did not validate all pointers provided from a guest system last seen 2020-06-01 modified 2020-06-02 plugin id 79276 published 2014-11-17 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79276 title RHEL 5 : rhev-hypervisor (RHSA-2010:0622) NASL family SuSE Local Security Checks NASL id SUSE_AVAHI-6787.NASL description The avahi-daemon reflector could cause packet storms when reflecting legacy unicast mDNS traffic (CVE-2009-0758). This has been fixed. last seen 2020-06-01 modified 2020-06-02 plugin id 51719 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51719 title SuSE 10 Security Update : avahi (ZYPP Patch Number 6787) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0528.NASL description Updated avahi packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print to, and find shared files on other computers. A flaw was found in the way the Avahi daemon (avahi-daemon) processed Multicast DNS (mDNS) packets with corrupted checksums. An attacker on the local network could use this flaw to cause avahi-daemon on a target system to exit unexpectedly via specially crafted mDNS packets. (CVE-2010-2244) A flaw was found in the way avahi-daemon processed incoming unicast mDNS messages. If the mDNS reflector were enabled on a system, an attacker on the local network could send a specially crafted unicast mDNS message to that system, resulting in its avahi-daemon flooding the network with a multicast packet storm, and consuming a large amount of CPU. Note: The mDNS reflector is disabled by default. (CVE-2009-0758) All users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, avahi-daemon will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 47739 published 2010-07-16 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47739 title CentOS 5 : avahi (CESA-2010:0528) NASL family Scientific Linux Local Security Checks NASL id SL_20100713_AVAHI_ON_SL5_X.NASL description A flaw was found in the way the Avahi daemon (avahi-daemon) processed Multicast DNS (mDNS) packets with corrupted checksums. An attacker on the local network could use this flaw to cause avahi-daemon on a target system to exit unexpectedly via specially crafted mDNS packets. (CVE-2010-2244) A flaw was found in the way avahi-daemon processed incoming unicast mDNS messages. If the mDNS reflector were enabled on a system, an attacker on the local network could send a specially crafted unicast mDNS message to that system, resulting in its avahi-daemon flooding the network with a multicast packet storm, and consuming a large amount of CPU. Note: The mDNS reflector is disabled by default. (CVE-2009-0758) After installing the update, avahi-daemon will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 60814 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60814 title Scientific Linux Security Update : avahi on SL5.x i386/x86_64 NASL family SuSE Local Security Checks NASL id SUSE_11_1_AVAHI-100119.NASL description The avahi-daemon reflector could cause packet storms when reflecting legacy unicast mDNS traffic (CVE-2009-0758). last seen 2020-06-01 modified 2020-06-02 plugin id 44367 published 2010-02-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44367 title openSUSE Security Update : avahi (avahi-1832) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0528.NASL description Updated avahi packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print to, and find shared files on other computers. A flaw was found in the way the Avahi daemon (avahi-daemon) processed Multicast DNS (mDNS) packets with corrupted checksums. An attacker on the local network could use this flaw to cause avahi-daemon on a target system to exit unexpectedly via specially crafted mDNS packets. (CVE-2010-2244) A flaw was found in the way avahi-daemon processed incoming unicast mDNS messages. If the mDNS reflector were enabled on a system, an attacker on the local network could send a specially crafted unicast mDNS message to that system, resulting in its avahi-daemon flooding the network with a multicast packet storm, and consuming a large amount of CPU. Note: The mDNS reflector is disabled by default. (CVE-2009-0758) All users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, avahi-daemon will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 47874 published 2010-07-28 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47874 title RHEL 5 : avahi (RHSA-2010:0528) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0528.NASL description From Red Hat Security Advisory 2010:0528 : Updated avahi packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print to, and find shared files on other computers. A flaw was found in the way the Avahi daemon (avahi-daemon) processed Multicast DNS (mDNS) packets with corrupted checksums. An attacker on the local network could use this flaw to cause avahi-daemon on a target system to exit unexpectedly via specially crafted mDNS packets. (CVE-2010-2244) A flaw was found in the way avahi-daemon processed incoming unicast mDNS messages. If the mDNS reflector were enabled on a system, an attacker on the local network could send a specially crafted unicast mDNS message to that system, resulting in its avahi-daemon flooding the network with a multicast packet storm, and consuming a large amount of CPU. Note: The mDNS reflector is disabled by default. (CVE-2009-0758) All users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, avahi-daemon will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 68061 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68061 title Oracle Linux 5 : avahi (ELSA-2010-0528) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-076.NASL description A security vulnerability has been identified and fixed in avahi which could allow remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet (CVE-2009-0758). The updated packages have been patched to prevent this. last seen 2020-06-01 modified 2020-06-02 plugin id 37087 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/37087 title Mandriva Linux Security Advisory : avahi (MDVSA-2009:076) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2086.NASL description Several vulnerabilities have been discovered in the Avahi mDNS/DNS-SD daemon. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0758 Rob Leslie discovered a denial of service vulnerability in the code used to reflect unicast mDNS traffic. - CVE-2010-2244 Ludwig Nussel discovered a denial of service vulnerability in the processing of malformed DNS packets. last seen 2020-06-01 modified 2020-06-02 plugin id 48248 published 2010-08-05 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48248 title Debian DSA-2086-1 : avahi - several vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_AVAHI-6790.NASL description The avahi-daemon reflector could cause packet storms when reflecting legacy unicast mDNS traffic (CVE-2009-0758). This has been fixed. last seen 2020-06-01 modified 2020-06-02 plugin id 49831 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49831 title SuSE 10 Security Update : avahi (ZYPP Patch Number 6790) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-992-1.NASL description It was discovered that Avahi incorrectly handled certain mDNS query packets when the reflector feature is enabled, which is not the default configuration on Ubuntu. A remote attacker could send crafted mDNS queries and perform a denial of service on the server and on the network. This issue only affected Ubuntu 8.04 LTS and 9.04. (CVE-2009-0758) It was discovered that Avahi incorrectly handled mDNS packets with corrupted checksums. A remote attacker could send crafted mDNS packets and cause Avahi to crash, resulting in a denial of service. (CVE-2010-2244). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 49761 published 2010-10-06 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49761 title Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : avahi vulnerabilities (USN-992-1) NASL family SuSE Local Security Checks NASL id SUSE_11_0_AVAHI-100119.NASL description The avahi-daemon reflector could cause packet storms when reflecting legacy unicast mDNS traffic (CVE-2009-0758). last seen 2020-06-01 modified 2020-06-02 plugin id 44361 published 2010-02-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44361 title openSUSE Security Update : avahi (avahi-1832)
Redhat
| rpms |
|
Statements
| contributor | Tomas Hoger |
| lastmodified | 2010-07-13 |
| organization | Red Hat |
| statement | This issue has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2010-0528.html. |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=517683
- http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00000.html
- http://secunia.com/advisories/38420
- http://www.debian.org/security/2010/dsa-2086
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:076
- http://www.openwall.com/lists/oss-security/2009/03/02/1
- http://www.securityfocus.com/bid/33946