Lucene search

K
ubuntuUbuntuUSN-992-1
HistorySep 29, 2010 - 12:00 a.m.

Avahi vulnerabilities

2010-09-2900:00:00
ubuntu.com
45

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.7 High

AI Score

Confidence

High

0.033 Low

EPSS

Percentile

91.3%

Releases

  • Ubuntu 10.04
  • Ubuntu 9.10
  • Ubuntu 9.04
  • Ubuntu 8.04

Packages

  • avahi -

Details

It was discovered that Avahi incorrectly handled certain mDNS query packets
when the reflector feature is enabled, which is not the default
configuration on Ubuntu. A remote attacker could send crafted mDNS queries
and perform a denial of service on the server and on the network. This
issue only affected Ubuntu 8.04 LTS and 9.04. (CVE-2009-0758)

It was discovered that Avahi incorrectly handled mDNS packets with
corrupted checksums. A remote attacker could send crafted mDNS packets and
cause Avahi to crash, resulting in a denial of service. (CVE-2010-2244)

Rows per page:
1-10 of 1111

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.7 High

AI Score

Confidence

High

0.033 Low

EPSS

Percentile

91.3%