Denial of Service Vulnerability in Avahi Daemon by Avahi Technologies
CVE-2010-2244

Currently unrated

Key Information:

Vendor: Avahi
Status: Avahi
Vendor: CVE Published:; 8 July 2010

What is CVE-2010-2244?

The Avahi Daemon, specifically the AvahiDnsPacket function in avahi-core/socket.c, is susceptible to a denial of service attack. By sending a DNS packet with an invalid checksum followed by a subsequent packet containing a valid checksum, remote attackers can trigger an assertion failure within the daemon, leading to an unexpected exit. This vulnerability can disrupt network services relying on Avahi for service discovery and may impact overall system availability.

References

http://marc.info/?l=oss-security&m=127748459505200&w=2

mailing-listx_refsource_MLIST

http://www.openwall.com/lists/oss-security/2010/06/23/4

mailing-listx_refsource_MLIST

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2010
Vulnerability Reserved
Jun 9, 2010

JSON