Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avahi avahi vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2009-0758
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote malicious users to cause a denial of service (networ...
Avahi Avahi-daemon 0.6.23
6.4
CVSSv2
CVE-2017-6519
avahi-daemon in Avahi up to and including 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote malicious users to cause a denial of service (traffic amplification) and may cause information leakage by obtain...
Avahi Avahi
Avahi Avahi 0.7
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
5
CVSSv2
CVE-2015-2809
The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) prior to 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote malicious users to cause a denial of service (traffic amplification) or obtain potent...
Synology Diskstation Manager
5
CVSSv2
CVE-2011-1002
avahi-core/socket.c in avahi-daemon in Avahi prior to 0.6.29 allows remote malicious users to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
Avahi Avahi 0.6.25
Avahi Avahi 0.6.5
Avahi Avahi 0.6.20
Avahi Avahi 0.6.19
Avahi Avahi 0.5.2
Avahi Avahi 0.6.1
Avahi Avahi 0.6.13
Avahi Avahi 0.6.15
Avahi Avahi 0.6.7
Avahi Avahi 0.6.17
Avahi Avahi 0.6.16
Avahi Avahi 0.3
Avahi Avahi
Avahi Avahi 0.6.24
Avahi Avahi 0.6.23
Avahi Avahi 0.6.9
Avahi Avahi 0.2
Avahi Avahi 0.1
Avahi Avahi 0.6.14
Avahi Avahi 0.6.10
Avahi Avahi 0.6.27
Avahi Avahi 0.6.6
2 Nmap scripts
4 Github repositories
5
CVSSv2
CVE-2008-5081
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi prior to 0.6.24 allows remote malicious users to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
Avahi Avahi 0.6.16
Avahi Avahi 0.6.15
Avahi Avahi 0.6.7
Avahi Avahi 0.6.6
Avahi Avahi 0.5.1
Avahi Avahi 0.5
Avahi Avahi 0.6.20
Avahi Avahi 0.6.19
Avahi Avahi 0.6.12
Avahi Avahi 0.6.11
Avahi Avahi 0.6.10
Avahi Avahi 0.6.3
Avahi Avahi 0.6.2
Avahi Avahi 0.2
Avahi Avahi 0.1
Avahi Avahi 0.6.22
Avahi Avahi 0.6.21
Avahi Avahi 0.6.14
Avahi Avahi 0.6.13
Avahi Avahi 0.6.5
Avahi Avahi 0.6.4
Avahi Avahi 0.4
1 EDB exploit
5
CVSSv2
CVE-2006-6870
The consume_labels function in avahi-core/dns.c in Avahi prior to 0.6.16 allows remote malicious users to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.
Avahi Avahi 0.6.10
Avahi Avahi 0.6.11
Avahi Avahi 0.6.9
Avahi Avahi 0.6.14
Avahi Avahi 0.6.15
Avahi Avahi 0.6.12
Avahi Avahi 0.6.13
Avahi Avahi 0.6.7
Avahi Avahi 0.6.8
4.6
CVSSv2
CVE-2021-26720
avahi-daemon-check-dns.sh in the Debian avahi package up to and including 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local malicious user to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi...
Avahi Avahi
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2010-2244
The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a...
Avahi Avahi 0.6.25
Avahi Avahi 0.6.16
3.6
CVSSv2
CVE-2006-2288
Avahi prior to 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect) via unspecified mDNS name conflicts.
Avahi Avahi 0.6.7
Avahi Avahi 0.6.9
Avahi Avahi 0.6.8
2.1
CVSSv2
CVE-2021-3468
A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local malicious user to trigger an infinite loop. The highest threat fr...
Avahi Avahi
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »