CVE-2011-1002

EPSS 57.7%

avahi - denial of service

Published: 2/22/2011Modified: 4/28/2026

Description

avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.

Affected packages (2)

Debian/avahifrom 0, < 0.6.28-4
Debian/avahifrom 0, < 0.6.23-3lenny3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1002