PT-2010-1092 · Avahi+1 · Avahi+1

Published

2010-07-07

Updated

2024-06-15

CVE-2010-2244

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Avahi versions 0.6.16 through 0.6.25 Avahi versions prior to 0.6.28-r1

Description The issue allows remote attackers to cause a denial of service, specifically an assertion failure and daemon exit, by sending a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum. This can lead to disruption of protected information availability. The exploitation can be done remotely.

Recommendations For Avahi versions 0.6.16 through 0.6.25, update to a version prior to 0.6.28-r1 to resolve the issue. For Avahi versions prior to 0.6.28-r1, update to version 0.6.28-r1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-09419

CVE-2010-2244

DSA-2086-1

OPENSUSE-SU-2024:10363-1

RHSA-2010:0528

RHSA-2010_0528

Affected Products

Avahi

Red Hat

PT-2010-1092 · Avahi+1 · Avahi+1

CVE-2010-2244

Related Identifiers

Affected Products

References · 23