Remote Denial of Service Vulnerability in Avahi Daemon
CVE-2011-1002

Currently unrated

Key Information:

Vendor: Avahi
Status: Avahi
Vendor: CVE Published:; 22 February 2011

What is CVE-2011-1002?

The Avahi Daemon is susceptible to a Remote Denial of Service vulnerability that allows attackers to trigger an infinite loop by sending empty mDNS UDP packets over IPv4 or IPv6 to port 5353. This flaw arises from an inadequately addressed prior issue, resulting in potential service disruption and unavailability.

References

http://www.redhat.com/support/errata/RHSA-2011-0779.html

vendor-advisoryx_refsource_REDHAT

https://exchange.xforce.ibmcloud.com/vulnerabilities/65525

vdb-entryx_refsource_XF

http://www.openwall.com/lists/oss-security/2011/02/22/9

mailing-listx_refsource_MLIST

EPSS Score

71% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 22, 2011
Vulnerability Reserved
Feb 14, 2011

JSON