{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-18T00:00:00", "descriptions": [{"lang": "en", "value": "avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2011:0779", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0779.html"}, {"name": "avahi-udp-packet-dos(65525)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65525"}, {"name": "[oss-security] 20110222 Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/02/22/9"}, {"name": "RHSA-2011:0436", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0436.html"}, {"name": "ADV-2011-0511", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0511"}, {"name": "[oss-security] 20110218 CVE request: avahi daemon remote denial of service by sending NULL UDP", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/02/18/1"}, {"name": "43605", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43605"}, {"name": "43465", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43465"}, {"name": "43673", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43673"}, {"name": "ADV-2011-0601", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0601"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667187"}, {"name": "ADV-2011-0969", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0969"}, {"name": "avahi-udp-dos(65524)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65524"}, {"name": "44131", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/44131"}, {"name": "MDVSA-2011:040", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:040"}, {"name": "46446", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46446"}, {"name": "MDVSA-2011:037", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:037"}, {"name": "ADV-2011-0448", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0448"}, {"name": "SUSE-SR:2011:005", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"name": "DSA-2174", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2174"}, {"name": "ADV-2011-0499", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0499"}, {"name": "70948", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/70948"}, {"name": "43361", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43361"}, {"name": "ADV-2011-0670", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0670"}, {"tags": ["x_refsource_MISC"], "url": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://avahi.org/ticket/325"}, {"name": "FEDORA-2011-3033", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"}, {"name": "ADV-2011-0565", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0565"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.0pointer.de/?p=avahi.git%3Ba=commit%3Bh=46109dfec75534fe270c0ab902576f685d5ab3a6"}, {"name": "USN-1084-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://ubuntu.com/usn/usn-1084-1"}, {"name": "[oss-security] 20110218 Re: CVE request: avahi daemon remote denial of service by sending NULL UDP", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/02/18/4"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:14:26.817Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2011:0779", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0779.html"}, {"name": "avahi-udp-packet-dos(65525)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65525"}, {"name": "[oss-security] 20110222 Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/02/22/9"}, {"name": "RHSA-2011:0436", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0436.html"}, {"name": "ADV-2011-0511", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0511"}, {"name": "[oss-security] 20110218 CVE request: avahi daemon remote denial of service by sending NULL UDP", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/02/18/1"}, {"name": "43605", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43605"}, {"name": "43465", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43465"}, {"name": "43673", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43673"}, {"name": "ADV-2011-0601", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0601"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667187"}, {"name": "ADV-2011-0969", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0969"}, {"name": "avahi-udp-dos(65524)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65524"}, {"name": "44131", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/44131"}, {"name": "MDVSA-2011:040", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:040"}, {"name": "46446", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46446"}, {"name": "MDVSA-2011:037", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:037"}, {"name": "ADV-2011-0448", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0448"}, {"name": "SUSE-SR:2011:005", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"name": "DSA-2174", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2174"}, {"name": "ADV-2011-0499", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0499"}, {"name": "70948", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/70948"}, {"name": "43361", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43361"}, {"name": "ADV-2011-0670", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0670"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://avahi.org/ticket/325"}, {"name": "FEDORA-2011-3033", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"}, {"name": "ADV-2011-0565", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0565"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.0pointer.de/?p=avahi.git%3Ba=commit%3Bh=46109dfec75534fe270c0ab902576f685d5ab3a6"}, {"name": "USN-1084-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://ubuntu.com/usn/usn-1084-1"}, {"name": "[oss-security] 20110218 Re: CVE request: avahi daemon remote denial of service by sending NULL UDP", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/02/18/4"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1002", "datePublished": "2011-02-22T18:00:00", "dateReserved": "2011-02-14T00:00:00", "dateUpdated": "2024-08-06T22:14:26.817Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*", "matchCriteriaId": "95B53C03-9556-4464-96C9-BF5B0CA9C88B", "versionEndIncluding": "0.6.28", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EB4B0D9D-FEBD-4C27-8208-CCB5BA5975AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EA69351E-9DB3-4F0E-AE4D-C5448BD0D99B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "236CE850-B281-428F-8E2D-E0CC649C79FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "1C1BDC60-035E-4F42-8FE2-1B1E22DC64B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FC11CFE6-B57C-484C-8F10-9F68FED7B467", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "9CC276CA-DC35-4955-82C6-EC0059970195", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "7D330EA3-8EB9-4498-B6AD-787FF14ACE39", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "3AACF748-AF75-46B3-BCF7-5E51FE51AB5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D210D68-75A5-4518-B012-23474DA04E04", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "FB8A5591-6D72-4E74-A187-936A900CB1F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "B839D606-3383-4887-862A-3E72F134352F", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "D78AC30C-D5F7-4142-B4F2-1132BF0D1000", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "5FBA6408-1181-44DA-9C75-734AD745780C", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "7C0D4625-24B2-4BF7-B32B-7BCC12C8BD1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "8266D64B-B067-413E-BDA7-4AB770D4F570", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "F99BF964-2FC8-45B5-AD69-4790179B8AF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "9CA79F96-1C98-49BE-8197-D52B8B6DEF24", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "6FF6E882-B66D-4B84-AFE7-D96B1B43E65D", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "AC5A8266-1859-45EB-9F16-BF0A5DE1A651", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.13:*:*:*:*:*:*:*", "matchCriteriaId": "DC2000C5-238B-43EF-B374-E7505CC61B29", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.14:*:*:*:*:*:*:*", "matchCriteriaId": "9BAC2B1B-C800-410D-8484-569675FFD484", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.15:*:*:*:*:*:*:*", "matchCriteriaId": "BD6F264D-6E78-4E57-96F7-C8B86BDFBD95", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.16:*:*:*:*:*:*:*", "matchCriteriaId": "2A18985C-8EBB-43A0-BCFC-5CF08DF9D3A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.17:*:*:*:*:*:*:*", "matchCriteriaId": "26E4AECD-B872-46D5-AAA0-280CC32E2F64", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "563F6941-3A7E-4C44-BAC8-C19BDED9BDF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.19:*:*:*:*:*:*:*", "matchCriteriaId": "12B07E9A-345B-4E14-9D0D-5CAB84761D93", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.20:*:*:*:*:*:*:*", "matchCriteriaId": "5A187641-2E8C-4B40-B861-E49294F3E39F", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.21:*:*:*:*:*:*:*", "matchCriteriaId": "C6FE243E-6E65-4726-832D-0585FE31A182", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.22:*:*:*:*:*:*:*", "matchCriteriaId": "735FEE37-3948-46DD-A56F-42078EF31345", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.23:*:*:*:*:*:*:*", "matchCriteriaId": "9658080D-9785-4FB2-90A5-46F5A42923EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.24:*:*:*:*:*:*:*", "matchCriteriaId": "E6EBAEB0-523C-4722-9E22-6A607641F919", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.25:*:*:*:*:*:*:*", "matchCriteriaId": "BCABA66C-DFA0-4760-9176-F2D693381620", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.26:*:*:*:*:*:*:*", "matchCriteriaId": "EE1D288C-8288-4BA8-A2C4-829A5891EF3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.6.27:*:*:*:*:*:*:*", "matchCriteriaId": "18AA4A79-C9C6-4D39-978E-0F55152AAC53", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*", "matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244."}, {"lang": "es", "value": "avahi-core/socket.c en avahi-daemon en Avahi antes de v0.6.29 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de un paquete UDP (1) IPv4 o (2) IPv6 vac\u00edos al puerto 5353. NOTA: esta vulnerabilidad existe debido a una correcci\u00f3n incorrecta del CVE-2010-2244."}], "id": "CVE-2011-1002", "lastModified": "2023-12-22T18:19:10.320", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-02-22T19:00:02.503", "references": [{"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://avahi.org/ticket/325"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://git.0pointer.de/?p=avahi.git%3Ba=commit%3Bh=46109dfec75534fe270c0ab902576f685d5ab3a6"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2011/02/18/1"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2011/02/18/4"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://osvdb.org/70948"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/43361"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/43465"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/43605"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/43673"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/44131"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://ubuntu.com/usn/usn-1084-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2011/dsa-2174"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:037"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:040"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/02/22/9"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0436.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0779.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/46446"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0448"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0499"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0511"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0565"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0601"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0670"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0969"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Third Party Advisory"], "url": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667187"}, {"source": "secalert@redhat.com", "tags": ["Not Applicable"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65524"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65525"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:0436", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "avahi-0:0.6.16-10.el5_6", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-04-12T00:00:00Z"}, {"advisory": "RHSA-2011:0779", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "avahi-0:0.6.25-11.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-05-19T00:00:00Z"}], "bugzilla": {"description": "avahi: daemon infinite loop triggered by an empty UDP packet (CVE-2010-2244 fix regression)", "id": "667187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667187"}, "csaw": false, "cvss": {"cvss_base_score": "3.3", "cvss_scoring_vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-835", "details": ["avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244."], "name": "CVE-2011-1002", "public_date": "2011-01-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-1002\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-1002"], "threat_severity": "Moderate"}