
CVE-2017-6519

Published: 31 Mar 2015
Source: redhat
CVSS3: 5.8

Description

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

Statement

This vulnerability is rated as low severity: it allows a remote attacker to cause a denial of service or amplify traffic through crafted UDP packets, which could impact availability, but it does not pose a significant risk to system integrity or confidentiality.

Mitigation

Ensure UDP port 5353 is blocked in the firewall. Also configure the rate-limiting options to suit your needs (see the ratelimit-interval-usec and ratelimit-burst options in /etc/avahi/avahi-daemon.conf).
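An added example (not part of the advisory or of Avahi) that checks the two rate-limiting options named above in a copy of avahi-daemon.conf and reports the packet ceiling they produce. The sample configuration is constructed, and treating a missing, non-numeric or zero value as "rate limiting not in effect" is an assumption of this example.

```python
import configparser

# Constructed sample of /etc/avahi/avahi-daemon.conf (not taken from the page).
SAMPLE_CONF = """\
[server]
use-ipv4=yes
use-ipv6=yes
ratelimit-interval-usec=1000000
ratelimit-burst=1000

[wide-area]
enable-wide-area=yes
"""

RATE_KEYS = ("ratelimit-interval-usec", "ratelimit-burst")


def audit_ratelimit(conf_text):
    """Return (findings, max_packets_per_second) for the [server] section.

    Assumption of this example: a missing, non-numeric or zero value means
    rate limiting is not effectively configured.
    """
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(conf_text)
    findings, values = [], {}
    for key in RATE_KEYS:
        raw = parser.get("server", key, fallback=None)
        if raw is None:
            findings.append(f"{key}: not set in [server]")
        elif not raw.strip().isdigit() or int(raw) == 0:
            findings.append(f"{key}: {raw!r} does not enable rate limiting")
        else:
            values[key] = int(raw)
    pps = None
    if len(values) == len(RATE_KEYS):
        # burst packets allowed per interval (microseconds) -> packets/second
        pps = values["ratelimit-burst"] * 1_000_000 / values["ratelimit-interval-usec"]
    return findings, pps


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONF
    findings, pps = audit_ratelimit(text)
    for finding in findings:
        print("FINDING:", finding)
    if pps is not None:
        print(f"rate limit: at most {pps:.0f} packets/second")
```
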

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | avahi | Will not fix | | |
| Red Hat Enterprise Linux 6 | avahi | Will not fix | | |
| Red Hat Enterprise Linux 8 | avahi | Will not fix | | |
| Red Hat Enterprise Linux 9 | avahi | Affected | | |
| Red Hat Enterprise Linux 7 | avahi | Fixed | RHSA-2020:1176 | 31.03.2020 |


Additional information

Status: Low
Defect: CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1426712 avahi: Multicast DNS responds to unicast queries outside of local network

CVSS3: 5.8 Medium

Related vulnerabilities

CVSS3: 9.1
ubuntu
about 8 years ago

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

CVSS3: 9.1
nvd
about 8 years ago

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

CVSS3: 9.1
msrc
more than 3 years ago

No description available

CVSS3: 9.1
debian
about 8 years ago

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to ...

CVSS3: 9.1
github
about 3 years ago

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
