PT-2017-3764 · Avahi+5
Published: 2017-04-30 · Updated: 2025-12-03 · CVE-2017-6519
CVSS v2.0: 9.4 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:C
Name of the Vulnerable Software and Affected Versions: Avahi versions 0.6.32 through 0.7
Description: The issue is related to the avahi-daemon in Avahi, which inadvertently responds to IPv6 unicast queries with source addresses that are not on-link. This allows remote attackers to cause a denial of service (traffic amplification) and may lead to information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets.
Recommendations: For Avahi versions 0.6.32 through 0.7, consider disabling the avahi-daemon service as a temporary workaround to minimize the risk of exploitation. Restrict access to port 5353 to prevent UDP packets from reaching the vulnerable service.
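
The on-link source check that the description says is missing, written out as an added example (this is not Avahi's code and not part of the advisory). The names `if_prefix`, `source_is_on_link` and `should_answer`, and the sample interface prefixes, are assumptions constructed for illustration.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical type: one IPv6 address/prefix configured on the receiving interface. */
struct if_prefix { const char *addr; unsigned prefix_len; };

/* Constructed sample interface configuration (documentation prefix 2001:db8::/32). */
static const struct if_prefix SAMPLE_IF[] = {
    { "fe80::1", 64 },
    { "2001:db8:1::10", 64 },
};

/* Return 1 if the first prefix_len bits of a and b are equal. */
static int prefix_match(const struct in6_addr *a, const struct in6_addr *b,
                        unsigned prefix_len)
{
    unsigned full = prefix_len / 8, rest = prefix_len % 8;
    if (prefix_len > 128) return 0;
    if (memcmp(a->s6_addr, b->s6_addr, full) != 0) return 0;
    if (rest == 0) return 1;
    unsigned char mask = (unsigned char)(0xFF << (8 - rest));
    return (a->s6_addr[full] & mask) == (b->s6_addr[full] & mask);
}

/* Return 1 if src falls inside a prefix configured on the interface.
 * Unparsable input is treated as off-link (fail closed). */
int source_is_on_link(const char *src, const struct if_prefix *pfx, size_t n)
{
    struct in6_addr s, p;
    if (inet_pton(AF_INET6, src, &s) != 1) return 0;
    for (size_t i = 0; i < n; i++) {
        if (inet_pton(AF_INET6, pfx[i].addr, &p) != 1) continue;
        if (prefix_match(&s, &p, pfx[i].prefix_len)) return 1;
    }
    return 0;
}

/* Decide whether a query received on UDP 5353 should be answered.
 * Queries sent to the mDNS group ff02::fb are link-scope multicast, which
 * routers do not forward; unicast queries need an on-link source. */
int should_answer(const char *src, const char *dst,
                  const struct if_prefix *pfx, size_t n)
{
    struct in6_addr d, mdns;
    if (inet_pton(AF_INET6, dst, &d) != 1) return 0;
    inet_pton(AF_INET6, "ff02::fb", &mdns);
    if (memcmp(&d, &mdns, sizeof d) == 0) return 1;
    return source_is_on_link(src, pfx, n);
}
```

A unicast query from `2001:db8:2::99` to the sample interface is dropped because no configured prefix covers it, while the same query from `2001:db8:1::99` is answered.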

Exploit

Fix

DoS

Origin Validation Error

Improper Access Control

Weakness Enumeration

Related Identifiers

ALT-PU-2019-2684
ALT-PU-2020-2452
ALT-PU-2020-2940
AZL-6322
BDU:2019-00693
CESA-2020_1176
CVE-2017-6519
MGASA-2019-0081
OPENSUSE-SU-2024:10643-1
RHSA-2020:1176
RHSA-2020_1176
USN-3876-1
USN-3876-2

Affected Products

Alt Linux
Astra Linux
Avahi
Centos
Red Hat
Ubuntu