Lucene search

K
osvGoogleOSV:DSA-2086-1
HistoryAug 04, 2010 - 12:00 a.m.

avahi - denial of service

2010-08-0400:00:00
Google
osv.dev
8

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.033 Low

EPSS

Percentile

91.3%

Several vulnerabilities have been discovered in the Avahi mDNS/DNS-SD
daemon. The Common Vulnerabilities and Exposures project identifies
the following problems:

  • CVE-2009-0758
    Rob Leslie discovered a denial of service vulnerability in the
    code used to reflect unicast mDNS traffic.
  • CVE-2010-2244
    Ludwig Nussel discovered a denial of service vulnerability in
    the processing of malformed DNS packets.

For the stable distribution (lenny), these problems have been fixed in
version 0.6.23-3lenny2.

For the unstable distribution (sid), these problems have been fixed in
version 0.6.26-1.

We recommend that you upgrade your Avahi packages.

CPENameOperatorVersion
avahieq0.6.23-3lenny1

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.033 Low

EPSS

Percentile

91.3%