ID CVE-2008-5081
Summary The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
References
Vulnerable Configurations
  • Avahi 0.6.22
    cpe:2.3:a:avahi:avahi:0.6.22
  • Avahi 0.6.21
    cpe:2.3:a:avahi:avahi:0.6.21
  • Avahi 0.6.20
    cpe:2.3:a:avahi:avahi:0.6.20
  • Avahi 0.6.19
    cpe:2.3:a:avahi:avahi:0.6.19
  • Avahi 0.6.18
    cpe:2.3:a:avahi:avahi:0.6.18
  • Avahi 0.6.17
    cpe:2.3:a:avahi:avahi:0.6.17
  • Avahi 0.6.16
    cpe:2.3:a:avahi:avahi:0.6.16
  • Avahi 0.6.15
    cpe:2.3:a:avahi:avahi:0.6.15
  • Avahi 0.6.14
    cpe:2.3:a:avahi:avahi:0.6.14
  • Avahi 0.6.13
    cpe:2.3:a:avahi:avahi:0.6.13
  • Avahi 0.6.12
    cpe:2.3:a:avahi:avahi:0.6.12
  • Avahi 0.6.11
    cpe:2.3:a:avahi:avahi:0.6.11
  • Avahi 0.6.10
    cpe:2.3:a:avahi:avahi:0.6.10
  • Avahi 0.6.9
    cpe:2.3:a:avahi:avahi:0.6.9
  • Avahi 0.6.8
    cpe:2.3:a:avahi:avahi:0.6.8
  • Avahi 0.6.7
    cpe:2.3:a:avahi:avahi:0.6.7
  • Avahi 0.6.6
    cpe:2.3:a:avahi:avahi:0.6.6
  • Avahi 0.6.5
    cpe:2.3:a:avahi:avahi:0.6.5
  • Avahi 0.6.4
    cpe:2.3:a:avahi:avahi:0.6.4
  • Avahi 0.6.3
    cpe:2.3:a:avahi:avahi:0.6.3
  • Avahi 0.6.2
    cpe:2.3:a:avahi:avahi:0.6.2
  • Avahi 0.6.1
    cpe:2.3:a:avahi:avahi:0.6.1
  • Avahi 0.5.2
    cpe:2.3:a:avahi:avahi:0.5.2
  • Avahi 0.5.1
    cpe:2.3:a:avahi:avahi:0.5.1
  • Avahi 0.5
    cpe:2.3:a:avahi:avahi:0.5
  • Avahi 0.4
    cpe:2.3:a:avahi:avahi:0.4
  • Avahi 0.3
    cpe:2.3:a:avahi:avahi:0.3
  • Avahi 0.2
    cpe:2.3:a:avahi:avahi:0.2
  • Avahi 0.1
    cpe:2.3:a:avahi:avahi:0.1
  • Avahi 0.6.23
    cpe:2.3:a:avahi:avahi:0.6.23
CVSS
Base: 5.0 (as of 17-12-2008 - 13:23)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit. CVE-2008-5081. Dos exploits for multiple platform
file exploits/multiple/dos/7520.c
id EDB-ID:7520
last seen 2016-02-01
modified 2008-12-19
platform multiple
port
published 2008-12-19
reporter Jon Oberheide
source https://www.exploit-db.com/download/7520/
title Avahi < 0.6.24 mDNS Daemon Remote Denial of Service Exploit
type dos
metasploit via4
description Avahi-daemon versions prior to 0.6.24 can be DoS'd with an mDNS packet with a source port of 0.
id MSF:AUXILIARY/DOS/MDNS/AVAHI_PORTZERO
last seen 2019-03-31
modified 2017-07-24
published 2010-02-23
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/mdns/avahi_portzero.rb
title Avahi Source Port 0 DoS
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_AVAHI-5882.NASL
    description Specially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081).
    last seen 2019-02-21
    modified 2015-01-13
    plugin id 35565
    published 2009-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35565
    title openSUSE 10 Security Update : avahi (avahi-5882)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-0013.NASL
    description Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43726
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43726
    title CentOS 5 : avahi (CESA-2009:0013)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_AVAHI-5870.NASL
    description Specially crafted mDNS packets could crash the Avahi daemon. (CVE-2008-5081)
    last seen 2018-09-01
    modified 2015-01-13
    plugin id 51718
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51718
    title SuSE 10 Security Update : avahi (ZYPP Patch Number 5870)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1690.NASL
    description Two denial of service conditions were discovered in avahi, a Multicast DNS implementation. Huge Dias discovered that the avahi daemon aborts with an assert error if it encounters a UDP packet with source port 0 (CVE-2008-5081 ). It was discovered that the avahi daemon aborts with an assert error if it receives an empty TXT record over D-Bus (CVE-2007-3372 ).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 35253
    published 2008-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35253
    title Debian DSA-1690-1 : avahi - assert errors
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200901-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-200901-11 (Avahi: Denial of Service) Hugo Dias reported a failed assertion in the originates_from_local_legacy_unicast_socket() function in avahi-core/server.c when processing mDNS packets with a source port of 0. Impact : A remote attacker could send specially crafted packets to the daemon, leading to its crash. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 35380
    published 2009-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35380
    title GLSA-200901-11 : Avahi: Denial of Service
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-0013.NASL
    description From Red Hat Security Advisory 2009:0013 : Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 67789
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67789
    title Oracle Linux 5 : avahi (ELSA-2009-0013)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_AVAHI-081218.NASL
    description Specially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081).
    last seen 2019-02-21
    modified 2015-01-13
    plugin id 40192
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40192
    title openSUSE Security Update : avahi (avahi-384)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-0013.NASL
    description Updated avahi packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) All users are advised to upgrade to these updated packages, which contain a backported patch which resolves this issue. After installing the update, avahi-daemon will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 35358
    published 2009-01-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35358
    title RHEL 5 : avahi (RHSA-2009:0013)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090112_AVAHI_ON_SL5_X.NASL
    description Hugo Dias discovered a denial of service flaw in avahi-daemon. A remote attacker on the same local area network (LAN) could send a specially crafted mDNS (Multicast DNS) packet that would cause avahi-daemon to exit unexpectedly due to a failed assertion check. (CVE-2008-5081) After installing the update, the avahi-daemon will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60518
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60518
    title Scientific Linux Security Update : avahi on SL5.x i386/x86_64
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-696-1.NASL
    description Emanuele Aina discovered that Avahi did not properly validate its input when processing data over D-Bus. A local attacker could send an empty TXT message via D-Bus and cause a denial of service (failed assertion). This issue only affected Ubuntu 6.06 LTS. (CVE-2007-3372) Hugo Dias discovered that Avahi did not properly verify its input when processing mDNS packets. A remote attacker could send a crafted mDNS packet and cause a denial of service (assertion failure). (CVE-2008-5081). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 36657
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36657
    title Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : avahi vulnerabilities (USN-696-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-11351.NASL
    description This version includes five patches backported from the recently released 0.6.24 : - A trivial security fix for CVE-2008-5081, rhbz 475964. - A trivial fix for the threaded event loop, avahi bts #251 - A trivial fix unbreaking the --force-bind logic of avahi-autoipd, avahi bts #209 - A trivial fix to make sure we never end up with an invalid IP address in avahi-autoipd, avahi bts #231 - A trivial change to include the host name of the sender when we receive bogus mDNS packets, rhbz #438013 All changes are 'trivial', i.e. very simple in nature. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 37488
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37488
    title Fedora 10 : avahi-0.6.22-12.fc10 (2008-11351)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_AVAHI-081218.NASL
    description Specially crafted mDNS packets could crash the Avahi daemon (CVE-2008-5081).
    last seen 2019-02-21
    modified 2015-01-13
    plugin id 39919
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39919
    title openSUSE Security Update : avahi (avahi-384)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-031.NASL
    description A vulnerability has been discovered in Avahi before 0.6.24, which allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0 (CVE-2008-5081). The updated packages have been patched to prevent this.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 36599
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36599
    title Mandriva Linux Security Advisory : avahi (MDVSA-2009:031)
oval via4
accepted 2013-04-29T04:23:55.086-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
family unix
id oval:org.mitre.oval:def:9987
status accepted
submitted 2010-07-09T03:56:16-04:00
title The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
version 18
redhat via4
advisories
bugzilla
id 475964
title CVE-2008-5081 avahi: avahi-daemon DoS (application abort) via packet with source port 0
oval
AND
  • comment Red Hat Enterprise Linux 5 is installed
    oval oval:com.redhat.rhsa:tst:20070055001
  • OR
    • AND
      • comment avahi is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013002
      • comment avahi is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013003
    • AND
      • comment avahi-compat-howl is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013022
      • comment avahi-compat-howl is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013023
    • AND
      • comment avahi-compat-howl-devel is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013010
      • comment avahi-compat-howl-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013011
    • AND
      • comment avahi-compat-libdns_sd is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013004
      • comment avahi-compat-libdns_sd is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013005
    • AND
      • comment avahi-compat-libdns_sd-devel is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013020
      • comment avahi-compat-libdns_sd-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013021
    • AND
      • comment avahi-devel is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013016
      • comment avahi-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013017
    • AND
      • comment avahi-glib is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013008
      • comment avahi-glib is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013009
    • AND
      • comment avahi-glib-devel is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013018
      • comment avahi-glib-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013019
    • AND
      • comment avahi-qt3 is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013014
      • comment avahi-qt3 is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013015
    • AND
      • comment avahi-qt3-devel is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013012
      • comment avahi-qt3-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013013
    • AND
      • comment avahi-tools is earlier than 0:0.6.16-1.el5_2.1
        oval oval:com.redhat.rhsa:tst:20090013006
      • comment avahi-tools is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090013007
rhsa
id RHSA-2009:0013
released 2009-01-12
severity Moderate
title RHSA-2009:0013: avahi security update (Moderate)
rpms
  • avahi-0:0.6.16-1.el5_2.1
  • avahi-compat-howl-0:0.6.16-1.el5_2.1
  • avahi-compat-howl-devel-0:0.6.16-1.el5_2.1
  • avahi-compat-libdns_sd-0:0.6.16-1.el5_2.1
  • avahi-compat-libdns_sd-devel-0:0.6.16-1.el5_2.1
  • avahi-devel-0:0.6.16-1.el5_2.1
  • avahi-glib-0:0.6.16-1.el5_2.1
  • avahi-glib-devel-0:0.6.16-1.el5_2.1
  • avahi-qt3-0:0.6.16-1.el5_2.1
  • avahi-qt3-devel-0:0.6.16-1.el5_2.1
  • avahi-tools-0:0.6.16-1.el5_2.1
refmap via4
bid 32825
confirm http://avahi.org/milestone/Avahi%200.6.24
debian DSA-1690
exploit-db 7520
gentoo GLSA-200901-11
mlist [oss-security] 20081214 Avahi daemon DoS (CVE-2008-5081)
secunia
  • 33153
  • 33220
  • 33279
  • 33475
suse SUSE-SR:2009:003
ubuntu USN-696-1
Last major update 21-08-2010 - 01:25
Published 16-12-2008 - 21:30
Last modified 28-09-2017 - 21:32
Back to Top