Back to search
CVE-2011-1002
Published: Feb 22, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2011:0779
vendor-advisory
x_refsource_REDHAT
avahi-udp-packet-dos(65525)
vdb-entry
x_refsource_XF
[oss-security] 20110222 Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP
mailing-list
x_refsource_MLIST
RHSA-2011:0436
vendor-advisory
x_refsource_REDHAT
ADV-2011-0511
vdb-entry
x_refsource_VUPEN
[oss-security] 20110218 CVE request: avahi daemon remote denial of service by sending NULL UDP
mailing-list
x_refsource_MLIST
43605
third-party-advisory
x_refsource_SECUNIA
43465
third-party-advisory
x_refsource_SECUNIA
43673
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0601
vdb-entry
x_refsource_VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=667187
x_refsource_CONFIRM
ADV-2011-0969
vdb-entry
x_refsource_VUPEN
avahi-udp-dos(65524)
vdb-entry
x_refsource_XF
44131
third-party-advisory
x_refsource_SECUNIA
MDVSA-2011:040
vendor-advisory
x_refsource_MANDRIVA
46446
vdb-entry
x_refsource_BID
MDVSA-2011:037
vendor-advisory
x_refsource_MANDRIVA
ADV-2011-0448
vdb-entry
x_refsource_VUPEN
SUSE-SR:2011:005
vendor-advisory
x_refsource_SUSE
DSA-2174
vendor-advisory
x_refsource_DEBIAN
ADV-2011-0499
vdb-entry
x_refsource_VUPEN
70948
vdb-entry
x_refsource_OSVDB
43361
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0670
vdb-entry
x_refsource_VUPEN
http://avahi.org/ticket/325
x_refsource_CONFIRM
FEDORA-2011-3033
vendor-advisory
x_refsource_FEDORA
ADV-2011-0565
vdb-entry
x_refsource_VUPEN
USN-1084-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20110218 Re: CVE request: avahi daemon remote denial of service by sending NULL UDP
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now