ID CVE-2009-0758
Summary The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.
References
Vulnerable Configurations
  • cpe:2.3:a:avahi:avahi-daemon:0.6.23:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 12-08-2010 - 14:13)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: NONE
  Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
redhat via4
rpms
  • avahi-0:0.6.16-9.el5_5
  • avahi-compat-howl-0:0.6.16-9.el5_5
  • avahi-compat-howl-devel-0:0.6.16-9.el5_5
  • avahi-compat-libdns_sd-0:0.6.16-9.el5_5
  • avahi-compat-libdns_sd-devel-0:0.6.16-9.el5_5
  • avahi-debuginfo-0:0.6.16-9.el5_5
  • avahi-devel-0:0.6.16-9.el5_5
  • avahi-glib-0:0.6.16-9.el5_5
  • avahi-glib-devel-0:0.6.16-9.el5_5
  • avahi-qt3-0:0.6.16-9.el5_5
  • avahi-qt3-devel-0:0.6.16-9.el5_5
  • avahi-tools-0:0.6.16-9.el5_5
refmap via4
bid 33946
debian DSA-2086
mandriva MDVSA-2009:076
misc http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=517683
mlist [oss-security] 20090302 CVE id request: avahi
secunia 38420
suse SUSE-SR:2010:002
statements via4
contributor Tomas Hoger
lastmodified 2010-07-13
organization Red Hat
statement This issue has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2010-0528.html.
Last major update 12-08-2010 - 14:13
Published 03-03-2009 - 16:30
Last modified 12-08-2010 - 14:13