Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2009:0013
HistoryJan 14, 2009 - 12:46 a.m.

avahi security update

2009-01-1400:46:56
CentOS Project
lists.centos.org
52

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.955

Percentile

99.4%

JSON

CentOS Errata and Security Advisory CESA-2009:0013

Avahi is an implementation of the DNS Service Discovery and Multicast DNS
specifications for Zeroconf Networking. It facilitates service discovery on
a local network. Avahi and Avahi-aware applications allow you to plug your
computer into a network and, with no configuration, view other people to
chat with, see printers to print to, and find shared files on other computers.

Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote
attacker on the same local area network (LAN) could send a
specially-crafted mDNS (Multicast DNS) packet that would cause avahi-daemon
to exit unexpectedly due to a failed assertion check. (CVE-2008-5081)

All users are advised to upgrade to these updated packages, which contain a
backported patch which resolves this issue. After installing the update,
avahi-daemon will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2009-January/077704.html
https://lists.centos.org/pipermail/centos-announce/2009-January/077705.html

Affected packages:
avahi
avahi-compat-howl
avahi-compat-howl-devel
avahi-compat-libdns_sd
avahi-compat-libdns_sd-devel
avahi-devel
avahi-glib
avahi-glib-devel
avahi-qt3
avahi-qt3-devel
avahi-tools

Upstream details at:
https://access.redhat.com/errata/RHSA-2009:0013

OSVersionArchitecturePackageVersionFilename
CentOS5i386avahi< 0.6.16-1.el5_2.1avahi-0.6.16-1.el5_2.1.i386.rpm
CentOS5x86_64avahi< 0.6.16-1.el5_2.1avahi-0.6.16-1.el5_2.1.x86_64.rpm
CentOS5i386avahi-compat-howl< 0.6.16-1.el5_2.1avahi-compat-howl-0.6.16-1.el5_2.1.i386.rpm
CentOS5x86_64avahi-compat-howl< 0.6.16-1.el5_2.1avahi-compat-howl-0.6.16-1.el5_2.1.x86_64.rpm
CentOS5i386avahi-compat-howl-devel< 0.6.16-1.el5_2.1avahi-compat-howl-devel-0.6.16-1.el5_2.1.i386.rpm
CentOS5x86_64avahi-compat-howl-devel< 0.6.16-1.el5_2.1avahi-compat-howl-devel-0.6.16-1.el5_2.1.x86_64.rpm
CentOS5i386avahi-compat-libdns_sd< 0.6.16-1.el5_2.1avahi-compat-libdns_sd-0.6.16-1.el5_2.1.i386.rpm
CentOS5x86_64avahi-compat-libdns_sd< 0.6.16-1.el5_2.1avahi-compat-libdns_sd-0.6.16-1.el5_2.1.x86_64.rpm
CentOS5i386avahi-compat-libdns_sd-devel< 0.6.16-1.el5_2.1avahi-compat-libdns_sd-devel-0.6.16-1.el5_2.1.i386.rpm
CentOS5x86_64avahi-compat-libdns_sd-devel< 0.6.16-1.el5_2.1avahi-compat-libdns_sd-devel-0.6.16-1.el5_2.1.x86_64.rpm
Rows per page:
1-10 of 641

Related

openvas 30
metasploit 1
oraclelinux 1
nessus 14
cvelist 2
packetstorm 1
fedora 1
cve 2
nvd 2
prion 2
exploitpack 1
ubuntucve 2
seebug 2
redhat 1
securityvulns 2
debiancve 2
zdt 1
gentoo 1
exploitdb 1
osv 1
debian 1
ubuntu 1
openvas
openvas
Fedora Core 10 FEDORA-2008-11351 (avahi)
2009-01-07 00:00:00
RedHat Security Advisory RHSA-2009:0013
2009-01-13 00:00:00
Avahi Denial of Service Vulnerability
2008-12-31 00:00:00
metasploit
metasploit
Avahi Source Port 0 DoS
2010-02-23 18:03:54
oraclelinux
oraclelinux
avahi security update
2009-01-12 00:00:00
nessus
nessus
Fedora 10 : avahi-0.6.22-12.fc10 (2008-11351)
2009-04-23 00:00:00
openSUSE Security Update : avahi (avahi-384)
2009-07-21 00:00:00
RHEL 5 : avahi (RHSA-2009:0013)
2009-01-13 00:00:00
cvelist
cvelist
CVE-2008-5081
2008-12-17 02:00:00
CVE-2010-2244
2010-07-07 18:00:00
packetstorm
packetstorm
Avahi Source Port 0 Denial of Service
2024-08-31 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: avahi-0.6.22-12.fc10
2009-01-07 09:33:13
cve
cve
CVE-2008-5081
2008-12-17 02:30:00
CVE-2010-2244
2010-07-08 12:54:47
nvd
nvd
CVE-2008-5081
2008-12-17 02:30:00
CVE-2010-2244
2010-07-08 12:54:47
prion
prion
Design/Logic Flaw
2008-12-17 02:30:00
Design/Logic Flaw
2010-07-08 12:54:00
exploitpack
exploitpack
Avahi 0.6.24 - mDNS Daemon Remote Denial of Service
2008-12-19 00:00:00
ubuntucve
ubuntucve
CVE-2008-5081
2008-12-17 00:00:00
CVE-2010-2244
2010-07-08 00:00:00
seebug
seebug
Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
2014-07-01 00:00:00
Avahi &lt; 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
2008-12-21 00:00:00
redhat
redhat
(RHSA-2009:0013) Moderate: avahi security update
2009-01-12 00:00:00
securityvulns
securityvulns
Avahi multicast DNS server DoS
2008-12-23 00:00:00
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service
2008-12-23 00:00:00
debiancve
debiancve
CVE-2008-5081
2008-12-17 02:30:00
CVE-2010-2244
2010-07-08 12:54:47
zdt
zdt
Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
2008-12-19 00:00:00
gentoo
gentoo
Avahi: Denial of service
2009-01-14 00:00:00
exploitdb
exploitdb
Avahi &lt; 0.6.24 - mDNS Daemon Remote Denial of Service
2008-12-19 00:00:00
osv
osv
avahi - denial of service
2008-12-22 00:00:00
debian
debian
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service
2008-12-22 06:49:55
ubuntu
ubuntu
Avahi vulnerabilities
2008-12-18 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.955

Percentile

99.4%

JSON
Related for CESA-2009:0013
openvas30metasploit1oraclelinux1nessus14cvelist2packetstorm1fedora1cve2nvd2prion2exploitpack1ubuntucve2seebug2redhat1securityvulns2debiancve2zdt1gentoo1exploitdb1osv1debian1ubuntu1