Avahi Compressed DNS Denial Of Service Vulnerability
BID:21881
Info
Avahi Compressed DNS Denial Of Service Vulnerability
| Bugtraq ID: | 21881 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2006-6870 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 05 2007 12:00AM |
| Updated: | Apr 20 2007 09:30PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 SuSE Linux 10.1 Redhat Fedora Core6 Redhat Fedora Core5 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 Avahi Avahi 0.6.15 Avahi Avahi 0.6.13 Avahi Avahi 0.6.11 Avahi Avahi 0.6.10 Avahi Avahi 0.6.9 Avahi Avahi 0.6.8 Avahi Avahi 0.6.7 |
| Not Vulnerable: |
Avahi Avahi 0.6.16 |
Discussion
Avahi Compressed DNS Denial Of Service Vulnerability
Avahi is prone to a denial-of-service vulnerability.
A remote attacker may exploit this issue to cause the application to crash, denying further service to legitimate users.
Versions prior to 0.6.16 are vulnerable to this issue.
Avahi is prone to a denial-of-service vulnerability.
A remote attacker may exploit this issue to cause the application to crash, denying further service to legitimate users.
Versions prior to 0.6.16 are vulnerable to this issue.
Exploit / POC
Avahi Compressed DNS Denial Of Service Vulnerability
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected]
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected]
Solution / Fix
Avahi Compressed DNS Denial Of Service Vulnerability
Solution:
The vendor has released version 0.6.16 to address this issue. Please see the references for details.
Avahi Avahi 0.6.10
Avahi Avahi 0.6.11
Avahi Avahi 0.6.13
Avahi Avahi 0.6.15
Avahi Avahi 0.6.7
Avahi Avahi 0.6.8
Avahi Avahi 0.6.9
Solution:
The vendor has released version 0.6.16 to address this issue. Please see the references for details.
Avahi Avahi 0.6.10
-
Avahi avahi-0.6.16.tar.gz
http://avahi.org/download/avahi-0.6.16.tar.gz
Avahi Avahi 0.6.11
-
RedHat avahi-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-0.6.16-1.fc6.src.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-howl-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-howl-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-howl-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-howl-devel-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-howl-devel-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-howl-devel-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-libdns_sd-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-libdns_sd-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-libdns_sd-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-libdns_sd-devel-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-libdns_sd-devel-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-compat-libdns_sd-devel-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-debuginfo-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-debuginfo-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-debuginfo-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-devel-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-devel-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-devel-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-glib-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-glib-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-glib-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-glib-devel-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-glib-devel-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-glib-devel-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-qt3-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-qt3-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-qt3-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-qt3-devel-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-qt3-devel-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-qt3-devel-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-sharp-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-sharp-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-sharp-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-tools-0.6.16-1.fc6.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-tools-0.6.16-1.fc6.ppc.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ -
RedHat avahi-tools-0.6.16-1.fc6.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
Avahi Avahi 0.6.13
-
Avahi avahi-0.6.16.tar.gz
http://avahi.org/download/avahi-0.6.16.tar.gz -
Mandriva avahi-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-0.6.13-4.2mdv2007.0.src.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-dnsconfd-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-dnsconfd-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-python-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-python-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-sharp-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-sharp-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-x11-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva avahi-x11-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-client3-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-client3-devel-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-common3-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-common3-devel-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-compat-howl0-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-compat-howl0-devel-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-compat-libdns_sd1-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-compat-libdns_sd1-devel-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-core4-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-core4-devel-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-glib1-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-glib1-devel-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-qt3_1-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-qt3_1-devel-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-qt4_1-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva lib64avahi-qt4_1-devel-0.6.13-4.2mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-client3-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-client3-devel-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-common3-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-common3-devel-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-compat-howl0-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-compat-howl0-devel-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-compat-libdns_sd1-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-compat-libdns_sd1-devel-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-core4-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-core4-devel-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-glib1-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-glib1-devel-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-qt3_1-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-qt3_1-devel-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-qt4_1-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libavahi-qt4_1-devel-0.6.13-4.2mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download
Avahi Avahi 0.6.15
-
Avahi avahi-0.6.16.tar.gz
http://avahi.org/download/avahi-0.6.16.tar.gz
Avahi Avahi 0.6.7
-
Avahi avahi-0.6.16.tar.gz
http://avahi.org/download/avahi-0.6.16.tar.gz
Avahi Avahi 0.6.8
-
Avahi avahi-0.6.16.tar.gz
http://avahi.org/download/avahi-0.6.16.tar.gz
Avahi Avahi 0.6.9
-
Avahi avahi-0.6.16.tar.gz
http://avahi.org/download/avahi-0.6.16.tar.gz
References
Avahi Compressed DNS Denial Of Service Vulnerability
References:
References:
- Avahi Homepage (Avahi)
- Avahi Security Advisory Wiki (Avahi)
- Fedora Update Notification FEDORA-2007-018 (Redhat)
- Fedora Update Notification FEDORA-2007-019 (Fedora)
- Mandriva Linux Security Advisory MDKSA-2007:003 (Mandriva)
- SUSE Security Summary Report SUSE-SR:2007:007 (SuSE)
- Ubuntu Security Notice USN-402-1 (Ubuntu)