FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

avahi -- denial of service

Affected packages
avahi < 0.6.29
avahi-app < 0.6.29
avahi-autoipd < 0.6.29
avahi-gtk < 0.6.29
avahi-libdns < 0.6.29
avahi-qt3 < 0.6.29
avahi-qt4 < 0.6.29
avahi-sharp < 0.6.29

Details

VuXML ID 8b986a05-4dbe-11e0-8b9a-02e0184b8d35
Discovery 2011-02-21
Entry 2011-03-13

Avahi developers reports:

A vulnerability has been reported in Avahi, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing certain UDP packets, which can be exploited to trigger an infinite loop by e.g. sending an empty packet to port 5353/UDP.

[source]

References

CVE Name CVE-2010-2244
CVE Name CVE-2011-1002
URL http://secunia.com/advisories/43361/
URL https://bugzilla.redhat.com/show_bug.cgi?id=667187

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.