Unrated severityNVD Advisory· Published Feb 22, 2011· Updated Apr 29, 2026
CVE-2011-1002
CVE-2011-1002
Description
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
Affected products
45cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*+ 34 more
- cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*range: <=0.6.28
- cpe:2.3:a:avahi:avahi:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.14:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.15:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.16:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.17:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.18:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.19:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.20:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.21:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.22:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.23:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.24:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.25:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.26:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.27:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:avahi:avahi:0.6.9:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
30- xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/nvdExploitThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlnvdThird Party Advisory
- openwall.com/lists/oss-security/2011/02/18/1nvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/02/18/4nvdMailing ListThird Party Advisory
- secunia.com/advisories/43361nvdBroken LinkVendor Advisory
- ubuntu.com/usn/usn-1084-1nvdThird Party Advisory
- www.debian.org/security/2011/dsa-2174nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2011/02/22/9nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/46446nvdBroken LinkThird Party AdvisoryVDB Entry
- www.vupen.com/english/advisories/2011/0448nvdBroken LinkVendor Advisory
- www.vupen.com/english/advisories/2011/0499nvdBroken LinkVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/65525nvdThird Party AdvisoryVDB Entry
- avahi.org/ticket/325nvdBroken Link
- osvdb.org/70948nvdBroken Link
- secunia.com/advisories/43465nvdBroken Link
- secunia.com/advisories/43605nvdBroken Link
- secunia.com/advisories/43673nvdBroken Link
- secunia.com/advisories/44131nvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-0436.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-0779.htmlnvdBroken Link
- www.vupen.com/english/advisories/2011/0511nvdBroken Link
- www.vupen.com/english/advisories/2011/0565nvdBroken Link
- www.vupen.com/english/advisories/2011/0601nvdBroken Link
- www.vupen.com/english/advisories/2011/0670nvdBroken Link
- www.vupen.com/english/advisories/2011/0969nvdBroken Link
- exchange.xforce.ibmcloud.com/vulnerabilities/65524nvdNot Applicable
News mentions
0No linked articles in our index yet.