FreeBSD : avahi -- denial of service (8b986a05-4dbe-11e0-8b9a-02e0184b8d35)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Avahi developers reports :

A vulnerability has been reported in Avahi, which can be exploited by
malicious people to cause a DoS (Denial of Service). The vulnerability
is caused due to an error when processing certain UDP packets, which
can be exploited to trigger an infinite loop by e.g. sending an empty
packet to port 5353/UDP.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=667187
http://www.nessus.org/u?a8cc36c6

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 52666 ()

Bugtraq ID:

CVE ID: CVE-2010-2244
CVE-2011-1002

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now