CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile: 91.6%
CentOS Errata and Security Advisory CESA-2010:0528
Avahi is an implementation of the DNS Service Discovery and Multicast DNS
specifications for Zero Configuration Networking. It facilitates service
discovery on a local network. Avahi and Avahi-aware applications allow you
to plug your computer into a network and, with no configuration, view other
people to chat with, view printers to print to, and find shared files on
other computers.

A flaw was found in the way the Avahi daemon (avahi-daemon) processed
Multicast DNS (mDNS) packets with corrupted checksums. An attacker on the
local network could use this flaw to cause avahi-daemon on a target system
to exit unexpectedly via specially-crafted mDNS packets. (CVE-2010-2244)

A flaw was found in the way avahi-daemon processed incoming unicast mDNS
messages. If the mDNS reflector were enabled on a system, an attacker on
the local network could send a specially-crafted unicast mDNS message to
that system, resulting in its avahi-daemon flooding the network with a
multicast packet storm, and consuming a large amount of CPU. Note: The mDNS
reflector is disabled by default. (CVE-2009-0758)

All users are advised to upgrade to these updated packages, which contain
backported patches to correct these issues. After installing the update,
avahi-daemon will be restarted automatically.
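
A host audit for the two issues above, as an added example that is not part of the advisory or of the Avahi project: it compares an installed avahi version-release against the fixed `0.6.16-9.el5_5` from the package table and reports CVE-2009-0758 only when the reflector is switched on. Assumptions: the reflector setting is the `enable-reflector` key in the `[reflector]` section of `avahi-daemon.conf`, the version comparison is a simplified form of rpm's segment ordering, and the function names and sample config are constructed for illustration.

```python
import configparser
import re

FIXED_EVR = "0.6.16-9.el5_5"  # fixed version-release from the advisory's package table

def rpm_vercmp(a, b):
    """Simplified rpm segment comparison (no epoch, '~' or '^'): returns -1, 0 or 1."""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():          # a numeric segment is newer than an alphabetic one
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return -1 if x < y else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments win

def is_unpatched(evr):
    """True if an installed avahi version-release is older than the fixed one."""
    ver, _, rel = evr.partition("-")
    fver, _, frel = FIXED_EVR.partition("-")
    return (rpm_vercmp(ver, fver) or rpm_vercmp(rel, frel)) < 0

def reflector_enabled(conf_text):
    """True if [reflector] enable-reflector is switched on in avahi-daemon.conf text."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(conf_text)
    value = cp.get("reflector", "enable-reflector", fallback="no").strip()
    return value[:1].lower() in ("y", "t", "1")  # permissive on purpose: flag anything yes-like

def exposure(evr, conf_text):
    """CVE ids from the advisory that apply to this host's package and config."""
    if not is_unpatched(evr):
        return []
    cves = ["CVE-2010-2244"]                    # daemon exit on corrupted-checksum mDNS packets
    if reflector_enabled(conf_text):
        cves.append("CVE-2009-0758")            # packet storm needs the reflector enabled
    return cves

# Constructed sample config, not taken from a real host
SAMPLE_CONF = """
[server]
use-ipv4=yes
[reflector]
#enable-reflector=no
enable-reflector=yes
"""

if __name__ == "__main__":
    for evr in ("0.6.16-7.el5", "0.6.16-9.el5", FIXED_EVR):
        print(evr, exposure(evr, SAMPLE_CONF))
```

On a real host the version-release string can be taken from `rpm -q --qf '%{VERSION}-%{RELEASE}\n' avahi`.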
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-July/078939.html
https://lists.centos.org/pipermail/centos-announce/2010-July/078940.html
Affected packages:
avahi
avahi-compat-howl
avahi-compat-howl-devel
avahi-compat-libdns_sd
avahi-compat-libdns_sd-devel
avahi-devel
avahi-glib
avahi-glib-devel
avahi-qt3
avahi-qt3-devel
avahi-tools
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0528
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | avahi | < 0.6.16-9.el5_5 | avahi-0.6.16-9.el5_5.i386.rpm |
CentOS | 5 | x86_64 | avahi | < 0.6.16-9.el5_5 | avahi-0.6.16-9.el5_5.x86_64.rpm |
CentOS | 5 | i386 | avahi-compat-howl | < 0.6.16-9.el5_5 | avahi-compat-howl-0.6.16-9.el5_5.i386.rpm |
CentOS | 5 | x86_64 | avahi-compat-howl | < 0.6.16-9.el5_5 | avahi-compat-howl-0.6.16-9.el5_5.x86_64.rpm |
CentOS | 5 | i386 | avahi-compat-howl-devel | < 0.6.16-9.el5_5 | avahi-compat-howl-devel-0.6.16-9.el5_5.i386.rpm |
CentOS | 5 | x86_64 | avahi-compat-howl-devel | < 0.6.16-9.el5_5 | avahi-compat-howl-devel-0.6.16-9.el5_5.x86_64.rpm |
CentOS | 5 | i386 | avahi-compat-libdns_sd | < 0.6.16-9.el5_5 | avahi-compat-libdns_sd-0.6.16-9.el5_5.i386.rpm |
CentOS | 5 | x86_64 | avahi-compat-libdns_sd | < 0.6.16-9.el5_5 | avahi-compat-libdns_sd-0.6.16-9.el5_5.x86_64.rpm |
CentOS | 5 | i386 | avahi-compat-libdns_sd-devel | < 0.6.16-9.el5_5 | avahi-compat-libdns_sd-devel-0.6.16-9.el5_5.i386.rpm |
CentOS | 5 | x86_64 | avahi-compat-libdns_sd-devel | < 0.6.16-9.el5_5 | avahi-compat-libdns_sd-devel-0.6.16-9.el5_5.x86_64.rpm |