Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2010-2244

Published: 08/07/2010 Updated: 07/03/2011
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Avahi

Vulnerability Summary

The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081.

Vulnerable Product Search on Vulmon Subscribe to Product

avahi avahi 0.6.25

avahi avahi 0.6.16

Vendor Advisories

Ubuntu Security Notice: avahi vulnerabilities
It was discovered that Avahi incorrectly handled certain mDNS query packets when the reflector feature is enabled, which is not the default configuration on Ubuntu A remote attacker could send crafted mDNS queries and perform a denial of service on the server and on the network This issue only affected Ubuntu 804 LTS and 904 (CVE-2009-0758) ...
Debian CVElist Bug Report Logs: avahi-daemon uses 100% of cpu when scanned with nmap (DoS possible?)
Debian Bug report logs - #614785 avahi-daemon uses 100% of cpu when scanned with nmap (DoS possible?) Package: avahi-daemon; Maintainer for avahi-daemon is Utopia Maintenance Team <pkg-utopia-maintainers@listsaliothdebianorg>; Source for avahi-daemon is src:avahi (PTS, buildd, popcon) Reported by: Alexander Kurtz <kurt ...

References

NVD-CWE-Otherhttps://bugzilla.redhat.com/show_bug.cgi?id=607293http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043820.htmlhttp://marc.info/?l=oss-security&m=127748459505200&w=2http://www.openwall.com/lists/oss-security/2010/06/23/4http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043800.htmlhttp://www.securitytracker.com/id?1024200http://www.debian.org/security/2010/dsa-2086http://www.mandriva.com/security/advisories?name=MDVSA-2010:204https://usn.ubuntu.com/992-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook