3 matches found
Synology DiskStation Manager Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-2809)
The Multicast DNS mDNS responder in Synology DiskStation Manager DSM before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service traffic amplification or obtain potentially sensitive information via...
Amazon Linux 2 : avahi (ALAS-2020-1502)
The version of avahi installed on the remote host is prior to 0.6.31-20. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1502 advisory. avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not...
CVE-2015-2809
Summary: Multiple connected advisories confirm a vulnerability related to the Avahi daemon (unrelated to DSM CVE-2015-2809) where Avahi through 0.6.x/0.7.x replies to IPv6 unicast queries with non on-link source addresses, enabling remote DoS (traffic amplification) and potentially information le...