Your submission was sent successfully! Close

CVE-2011-1002

Published: 22 February 2011

avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.

Priority

Medium

Status

Package Release Status
avahi
Launchpad, Ubuntu, Debian
Upstream
Released (0.6.29)
Patches:
Upstream: http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6