CVE-2011-1002 Common Vulnerabilities and Exposures

Upstream information

CVE-2011-1002 at MITRE

Description

avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entry: 671797 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SR:2011:005, published Fri, 01 Apr 2011 13:00:00 +0000

List of released packages

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 12:08:45 2013
CVE page last modified: Sat Jun 15 21:23:22 2024

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 12 SP1	`avahi >= 0.6.31-20.59` `avahi-compat-howl-devel >= 0.6.31-20.59` `avahi-compat-mDNSResponder-devel >= 0.6.31-20.59` `avahi-lang >= 0.6.31-20.59` `libavahi-client3 >= 0.6.31-20.59` `libavahi-client3-32bit >= 0.6.31-20.59` `libavahi-common3 >= 0.6.31-20.59` `libavahi-common3-32bit >= 0.6.31-20.59` `libavahi-core7 >= 0.6.31-20.59` `libavahi-devel >= 0.6.31-20.59` `libdns_sd >= 0.6.31-20.59` `libdns_sd-32bit >= 0.6.31-20.59` `libhowl0 >= 0.6.31-20.59`	Patchnames: SUSE Linux Enterprise Desktop 12 SP1 GA avahi-0.6.31-20.59 SUSE Linux Enterprise Software Development Kit 12 SP1 GA avahi-compat-howl-devel-0.6.31-20.59
SUSE Linux Enterprise Desktop 12 SP2	`avahi >= 0.6.32-30.36` `avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `avahi-lang >= 0.6.32-30.36` `libavahi-client3 >= 0.6.32-30.36` `libavahi-client3-32bit >= 0.6.32-30.36` `libavahi-common3 >= 0.6.32-30.36` `libavahi-common3-32bit >= 0.6.32-30.36` `libavahi-core7 >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libdns_sd >= 0.6.32-30.36` `libdns_sd-32bit >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Desktop 12 SP2 GA avahi-0.6.32-30.36 SUSE Linux Enterprise Software Development Kit 12 SP2 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Desktop 12 SP3	`avahi >= 0.6.32-30.36` `avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `avahi-lang >= 0.6.32-30.36` `libavahi-client3 >= 0.6.32-30.36` `libavahi-client3-32bit >= 0.6.32-30.36` `libavahi-common3 >= 0.6.32-30.36` `libavahi-common3-32bit >= 0.6.32-30.36` `libavahi-core7 >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libdns_sd >= 0.6.32-30.36` `libdns_sd-32bit >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Desktop 12 SP3 GA avahi-0.6.32-30.36 SUSE Linux Enterprise Software Development Kit 12 SP3 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Desktop 12 SP4	`avahi >= 0.6.32-30.36` `avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `avahi-lang >= 0.6.32-30.36` `libavahi-client3 >= 0.6.32-30.36` `libavahi-client3-32bit >= 0.6.32-30.36` `libavahi-common3 >= 0.6.32-30.36` `libavahi-common3-32bit >= 0.6.32-30.36` `libavahi-core7 >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libdns_sd >= 0.6.32-30.36` `libdns_sd-32bit >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Desktop 12 SP4 GA avahi-0.6.32-30.36 SUSE Linux Enterprise Software Development Kit 12 SP4 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Desktop 12	`avahi >= 0.6.31-20.59` `avahi-compat-howl-devel >= 0.6.31-20.59` `avahi-compat-mDNSResponder-devel >= 0.6.31-20.59` `avahi-lang >= 0.6.31-20.59` `libavahi-client3 >= 0.6.31-20.59` `libavahi-client3-32bit >= 0.6.31-20.59` `libavahi-common3 >= 0.6.31-20.59` `libavahi-common3-32bit >= 0.6.31-20.59` `libavahi-core7 >= 0.6.31-20.59` `libavahi-devel >= 0.6.31-20.59` `libdns_sd >= 0.6.31-20.59` `libdns_sd-32bit >= 0.6.31-20.59` `libhowl0 >= 0.6.31-20.59`	Patchnames: SUSE Linux Enterprise Desktop 12 GA avahi-0.6.31-20.59 SUSE Linux Enterprise Software Development Kit 12 GA avahi-compat-howl-devel-0.6.31-20.59
SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 15	`avahi >= 0.6.32-3.7` `avahi-autoipd >= 0.6.32-3.7` `avahi-compat-howl-devel >= 0.6.32-3.7` `avahi-compat-mDNSResponder-devel >= 0.6.32-3.7` `avahi-lang >= 0.6.32-3.7` `avahi-utils >= 0.6.32-3.7` `libavahi-client3 >= 0.6.32-3.7` `libavahi-client3-32bit >= 0.6.32-3.7` `libavahi-common3 >= 0.6.32-3.7` `libavahi-common3-32bit >= 0.6.32-3.7` `libavahi-core7 >= 0.6.32-3.7` `libavahi-devel >= 0.6.32-3.7` `libdns_sd >= 0.6.32-3.7` `libhowl0 >= 0.6.32-3.7`	Patchnames: SUSE Linux Enterprise Module for Basesystem 15 GA avahi-0.6.32-3.7 SUSE Linux Enterprise Module for Desktop Applications 15 GA avahi-autoipd-0.6.32-3.7
SUSE Linux Enterprise High Performance Computing 12 SP5	`avahi >= 0.6.32-32.3.1` `avahi-lang >= 0.6.32-32.3.1` `avahi-utils >= 0.6.32-32.3.1` `libavahi-client3 >= 0.6.32-32.3.1` `libavahi-client3-32bit >= 0.6.32-32.3.1` `libavahi-common3 >= 0.6.32-32.3.1` `libavahi-common3-32bit >= 0.6.32-32.3.1` `libavahi-core7 >= 0.6.32-32.3.1` `libdns_sd >= 0.6.32-32.3.1` `libdns_sd-32bit >= 0.6.32-32.3.1`	Patchnames: SUSE Linux Enterprise High Performance Computing 12 SP5 GA avahi-0.6.32-32.3.1
SUSE Linux Enterprise Micro 6.0	`avahi >= 0.8-4.6` `libavahi-client3 >= 0.8-4.6` `libavahi-common3 >= 0.8-4.6` `libavahi-core7 >= 0.8-4.6`	Patchnames: SUSE Linux Enterprise Micro 6.0 GA avahi-0.8-4.6
SUSE Linux Enterprise Module for Basesystem 15	`avahi >= 0.6.32-3.7` `avahi-compat-howl-devel >= 0.6.32-3.7` `avahi-compat-mDNSResponder-devel >= 0.6.32-3.7` `avahi-lang >= 0.6.32-3.7` `avahi-utils >= 0.6.32-3.7` `libavahi-client3 >= 0.6.32-3.7` `libavahi-common3 >= 0.6.32-3.7` `libavahi-core7 >= 0.6.32-3.7` `libavahi-devel >= 0.6.32-3.7` `libdns_sd >= 0.6.32-3.7` `libhowl0 >= 0.6.32-3.7`	Patchnames: SUSE Linux Enterprise Module for Basesystem 15 GA avahi-0.6.32-3.7
SUSE Linux Enterprise Module for Desktop Applications 15	`avahi-autoipd >= 0.6.32-3.7` `libavahi-client3-32bit >= 0.6.32-3.7` `libavahi-common3-32bit >= 0.6.32-3.7`	Patchnames: SUSE Linux Enterprise Module for Desktop Applications 15 GA avahi-autoipd-0.6.32-3.7
SUSE Linux Enterprise Server 12 SP1	`avahi >= 0.6.31-20.59` `avahi-compat-howl-devel >= 0.6.31-20.59` `avahi-compat-mDNSResponder-devel >= 0.6.31-20.59` `avahi-lang >= 0.6.31-20.59` `avahi-utils >= 0.6.31-20.59` `libavahi-client3 >= 0.6.31-20.59` `libavahi-client3-32bit >= 0.6.31-20.59` `libavahi-common3 >= 0.6.31-20.59` `libavahi-common3-32bit >= 0.6.31-20.59` `libavahi-core7 >= 0.6.31-20.59` `libavahi-devel >= 0.6.31-20.59` `libdns_sd >= 0.6.31-20.59` `libdns_sd-32bit >= 0.6.31-20.59` `libhowl0 >= 0.6.31-20.59`	Patchnames: SUSE Linux Enterprise Server 12 SP1 GA avahi-0.6.31-20.59 SUSE Linux Enterprise Software Development Kit 12 SP1 GA avahi-compat-howl-devel-0.6.31-20.59
SUSE Linux Enterprise Server 12 SP2	`avahi >= 0.6.32-30.36` `avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `avahi-lang >= 0.6.32-30.36` `avahi-utils >= 0.6.32-30.36` `libavahi-client3 >= 0.6.32-30.36` `libavahi-client3-32bit >= 0.6.32-30.36` `libavahi-common3 >= 0.6.32-30.36` `libavahi-common3-32bit >= 0.6.32-30.36` `libavahi-core7 >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libdns_sd >= 0.6.32-30.36` `libdns_sd-32bit >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Server 12 SP2 GA avahi-0.6.32-30.36 SUSE Linux Enterprise Software Development Kit 12 SP2 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Server 12 SP3	`avahi >= 0.6.32-30.36` `avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `avahi-lang >= 0.6.32-30.36` `avahi-utils >= 0.6.32-30.36` `libavahi-client3 >= 0.6.32-30.36` `libavahi-client3-32bit >= 0.6.32-30.36` `libavahi-common3 >= 0.6.32-30.36` `libavahi-common3-32bit >= 0.6.32-30.36` `libavahi-core7 >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libdns_sd >= 0.6.32-30.36` `libdns_sd-32bit >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Server 12 SP3 GA avahi-0.6.32-30.36 SUSE Linux Enterprise Software Development Kit 12 SP3 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Server 12 SP4	`avahi >= 0.6.32-30.36` `avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `avahi-lang >= 0.6.32-30.36` `avahi-utils >= 0.6.32-30.36` `libavahi-client3 >= 0.6.32-30.36` `libavahi-client3-32bit >= 0.6.32-30.36` `libavahi-common3 >= 0.6.32-30.36` `libavahi-common3-32bit >= 0.6.32-30.36` `libavahi-core7 >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libdns_sd >= 0.6.32-30.36` `libdns_sd-32bit >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Server 12 SP4 GA avahi-0.6.32-30.36 SUSE Linux Enterprise Software Development Kit 12 SP4 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Server 12 SP5	`avahi >= 0.6.32-32.3.1` `avahi-compat-howl-devel >= 0.6.32-32.3.1` `avahi-compat-mDNSResponder-devel >= 0.6.32-32.3.1` `avahi-lang >= 0.6.32-32.3.1` `avahi-utils >= 0.6.32-32.3.1` `libavahi-client3 >= 0.6.32-32.3.1` `libavahi-client3-32bit >= 0.6.32-32.3.1` `libavahi-common3 >= 0.6.32-32.3.1` `libavahi-common3-32bit >= 0.6.32-32.3.1` `libavahi-core7 >= 0.6.32-32.3.1` `libavahi-devel >= 0.6.32-32.3.1` `libdns_sd >= 0.6.32-32.3.1` `libdns_sd-32bit >= 0.6.32-32.3.1` `libhowl0 >= 0.6.32-32.3.1` `python-avahi >= 0.6.32-32.3.1`	Patchnames: SUSE Linux Enterprise Server 12 SP5 GA avahi-0.6.32-32.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5 GA avahi-compat-howl-devel-0.6.32-32.3.1
SUSE Linux Enterprise Server 12	`avahi >= 0.6.31-20.59` `avahi-compat-howl-devel >= 0.6.31-20.59` `avahi-compat-mDNSResponder-devel >= 0.6.31-20.59` `avahi-lang >= 0.6.31-20.59` `avahi-utils >= 0.6.31-20.59` `libavahi-client3 >= 0.6.31-20.59` `libavahi-client3-32bit >= 0.6.31-20.59` `libavahi-common3 >= 0.6.31-20.59` `libavahi-common3-32bit >= 0.6.31-20.59` `libavahi-core7 >= 0.6.31-20.59` `libavahi-devel >= 0.6.31-20.59` `libdns_sd >= 0.6.31-20.59` `libdns_sd-32bit >= 0.6.31-20.59` `libhowl0 >= 0.6.31-20.59`	Patchnames: SUSE Linux Enterprise Server 12 GA avahi-0.6.31-20.25 SUSE Linux Enterprise Software Development Kit 12 GA avahi-compat-howl-devel-0.6.31-20.59
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	`avahi >= 0.6.32-30.36` `avahi-lang >= 0.6.32-30.36` `avahi-utils >= 0.6.32-30.36` `libavahi-client3 >= 0.6.32-30.36` `libavahi-common3 >= 0.6.32-30.36` `libavahi-core7 >= 0.6.32-30.36` `libdns_sd >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA avahi-0.6.32-30.36
SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1	`avahi-compat-howl-devel >= 0.6.31-20.59` `avahi-compat-mDNSResponder-devel >= 0.6.31-20.59` `libavahi-devel >= 0.6.31-20.59` `libhowl0 >= 0.6.31-20.59`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP1 GA avahi-compat-howl-devel-0.6.31-20.59
SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2	`avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP2 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3	`avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP3 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP4	`avahi-compat-howl-devel >= 0.6.32-30.36` `avahi-compat-mDNSResponder-devel >= 0.6.32-30.36` `libavahi-devel >= 0.6.32-30.36` `libhowl0 >= 0.6.32-30.36` `python-avahi >= 0.6.32-30.36`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP4 GA avahi-compat-howl-devel-0.6.32-30.36
SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5	`avahi-compat-howl-devel >= 0.6.32-32.3.1` `avahi-compat-mDNSResponder-devel >= 0.6.32-32.3.1` `libavahi-devel >= 0.6.32-32.3.1` `libhowl0 >= 0.6.32-32.3.1` `python-avahi >= 0.6.32-32.3.1`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP5 GA avahi-compat-howl-devel-0.6.32-32.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Software Development Kit 12	`avahi-compat-howl-devel >= 0.6.31-20.59` `avahi-compat-mDNSResponder-devel >= 0.6.31-20.59` `libavahi-devel >= 0.6.31-20.59` `libhowl0 >= 0.6.31-20.59`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 GA avahi-compat-howl-devel-0.6.31-20.59
openSUSE Leap 15.0	`avahi >= 0.6.32-lp150.3.2` `avahi-lang >= 0.6.32-lp150.3.2` `libavahi-client3 >= 0.6.32-lp150.3.2` `libavahi-common3 >= 0.6.32-lp150.3.2` `libavahi-core7 >= 0.6.32-lp150.3.2`	Patchnames: openSUSE Leap 15.0 GA avahi-0.6.32-lp150.3.2
openSUSE Tumbleweed	`avahi >= 0.6.32-2.3` `avahi-autoipd >= 0.6.32-2.3` `avahi-compat-howl-devel >= 0.6.32-2.3` `avahi-compat-mDNSResponder-devel >= 0.6.32-2.3` `avahi-lang >= 0.6.32-2.3` `avahi-utils >= 0.6.32-2.3` `libavahi-client3 >= 0.6.32-2.3` `libavahi-client3-32bit >= 0.6.32-2.3` `libavahi-common3 >= 0.6.32-2.3` `libavahi-common3-32bit >= 0.6.32-2.3` `libavahi-core7 >= 0.6.32-2.3` `libavahi-devel >= 0.6.32-2.3` `libdns_sd >= 0.6.32-2.3` `libdns_sd-32bit >= 0.6.32-2.3` `libhowl0 >= 0.6.32-2.3` `python-avahi >= 0.6.32-2.3`	Patchnames: openSUSE-Tumbleweed-2024-10363