{"id":"CVE-2011-1002","details":"avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.","modified":"2026-04-10T03:41:39.389431Z","published":"2011-02-22T19:00:02Z","related":["openSUSE-SU-2024:10363-1"],"references":[{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"},{"type":"ADVISORY","url":"http://openwall.com/lists/oss-security/2011/02/18/1"},{"type":"ADVISORY","url":"http://openwall.com/lists/oss-security/2011/02/18/4"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43361"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43465"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43605"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43673"},{"type":"ADVISORY","url":"http://secunia.com/advisories/44131"},{"type":"ADVISORY","url":"http://ubuntu.com/usn/usn-1084-1"},{"type":"ADVISORY","url":"http://www.debian.org/security/2011/dsa-2174"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:037"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:040"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2011/02/22/9"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/46446"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0448"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0499"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0511"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0565"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0601"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0670"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0969"},{"type":"ADVISORY","url":"http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"},{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=667187"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65525"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"},{"type":"ARTICLE","url":"http://openwall.com/lists/oss-security/2011/02/18/1"},{"type":"ARTICLE","url":"http://openwall.com/lists/oss-security/2011/02/18/4"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2011/02/22/9"},{"type":"EVIDENCE","url":"http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=667187"},{"type":"WEB","url":"http://avahi.org/ticket/325"},{"type":"WEB","url":"http://git.0pointer.de/?p=avahi.git%3Ba=commit%3Bh=46109dfec75534fe270c0ab902576f685d5ab3a6"},{"type":"WEB","url":"http://osvdb.org/70948"},{"type":"WEB","url":"http://www.redhat.com/support/errata/RHSA-2011-0436.html"},{"type":"WEB","url":"http://www.redhat.com/support/errata/RHSA-2011-0779.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/46446"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65524"}],"schema_version":"1.7.5"}