Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.69655
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2011:0779
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing updates announced in
advisory RHSA-2011:0779.

Avahi is an implementation of the DNS Service Discovery and Multicast DNS
specifications for Zero Configuration Networking. It facilitates service
discovery on a local network. Avahi and Avahi-aware applications allow you
to plug your computer into a network and, with no configuration, view other
people to chat with, view printers to print to, and find shared files on
other computers.

A flaw was found in the way the Avahi daemon (avahi-daemon) processed
Multicast DNS (mDNS) packets with an empty payload. An attacker on the
local network could use this flaw to cause avahi-daemon on a target system
to enter an infinite loop via an empty mDNS UDP packet. (CVE-2011-1002)

This update also fixes the following bug:

* Previously, the avahi packages in Red Hat Enterprise Linux 6 were not
compiled with standard RPM CFLAGS
therefore, the Stack Protector and
Fortify Source protections were not enabled, and the debuginfo packages did
not contain the information required for debugging. This update corrects
this issue by using proper CFLAGS when compiling the packages. (BZ#629954,
BZ#684276)

All users are advised to upgrade to these updated packages, which contain a
backported patch to correct these issues. After installing the update,
avahi-daemon will be restarted automatically.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-0779.html

Risk factor : Medium

CVSS Score:
5.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-1002
43361
http://secunia.com/advisories/43361
43465
http://secunia.com/advisories/43465
43605
http://secunia.com/advisories/43605
43673
http://secunia.com/advisories/43673
44131
http://secunia.com/advisories/44131
46446
http://www.securityfocus.com/bid/46446
70948
http://osvdb.org/70948
ADV-2011-0448
http://www.vupen.com/english/advisories/2011/0448
ADV-2011-0499
http://www.vupen.com/english/advisories/2011/0499
ADV-2011-0511
http://www.vupen.com/english/advisories/2011/0511
ADV-2011-0565
http://www.vupen.com/english/advisories/2011/0565
ADV-2011-0601
http://www.vupen.com/english/advisories/2011/0601
ADV-2011-0670
http://www.vupen.com/english/advisories/2011/0670
ADV-2011-0969
http://www.vupen.com/english/advisories/2011/0969
DSA-2174
http://www.debian.org/security/2011/dsa-2174
FEDORA-2011-3033
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html
MDVSA-2011:037
http://www.mandriva.com/security/advisories?name=MDVSA-2011:037
MDVSA-2011:040
http://www.mandriva.com/security/advisories?name=MDVSA-2011:040
RHSA-2011:0436
http://www.redhat.com/support/errata/RHSA-2011-0436.html
RHSA-2011:0779
http://www.redhat.com/support/errata/RHSA-2011-0779.html
SUSE-SR:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
USN-1084-1
http://ubuntu.com/usn/usn-1084-1
[oss-security] 20110218 CVE request: avahi daemon remote denial of service by sending NULL UDP
http://openwall.com/lists/oss-security/2011/02/18/1
[oss-security] 20110218 Re: CVE request: avahi daemon remote denial of service by sending NULL UDP
http://openwall.com/lists/oss-security/2011/02/18/4
[oss-security] 20110222 Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP
http://www.openwall.com/lists/oss-security/2011/02/22/9
avahi-udp-dos(65524)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65524
avahi-udp-packet-dos(65525)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65525
http://avahi.org/ticket/325
http://git.0pointer.de/?p=avahi.git%3Ba=commit%3Bh=46109dfec75534fe270c0ab902576f685d5ab3a6
http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/
https://bugzilla.redhat.com/show_bug.cgi?id=667187
Common Vulnerability Exposure (CVE) ID: CVE-2010-2244
1024200
http://www.securitytracker.com/id?1024200
DSA-2086
http://www.debian.org/security/2010/dsa-2086
FEDORA-2010-10581
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043820.html
FEDORA-2010-10584
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043800.html
MDVSA-2010:204
http://www.mandriva.com/security/advisories?name=MDVSA-2010:204
[oss-security] 20100623 CVE Request: avahi DoS
http://www.openwall.com/lists/oss-security/2010/06/23/4
[oss-security] 20100625 Re: CVE Request: avahi DoS
http://marc.info/?l=oss-security&m=127748459505200&w=2
https://bugzilla.redhat.com/show_bug.cgi?id=607293
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.