[Pkg-utopia-maintainers] Bug#614785: Bug#614785: Bug#614785: avahi-daemon uses 100% of cpu when scanned with nmap (DoS possible?)
Michael Biebl
biebl at debian.org
Wed Feb 23 13:56:46 UTC 2011
Am 23.02.2011 14:23, schrieb Alexander Kurtz:
> Am Mittwoch, den 23.02.2011, 13:58 +0100 schrieb Michael Biebl:
>> I was able to reproduce this problem on a squeeze system, but not on unstable.
>>
>> Can you confirm that?
>
> Negative, I tried upgrading avahi-daemon and libavahi-* to the sid
> versions (0.6.28-3) but the problem is still there.
>
> However, I haven't tried a complete upgrade to sid, so the problem may
> very well be in some third-party package which is fixed in sid.
As it turns out, this issue is already known:
http://avahi.org/ticket/325
https://bugzilla.redhat.com/show_bug.cgi?id=607297
https://bugzilla.redhat.com/show_bug.cgi?id=667187
CVE-2011-1002
The fix is available at
http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6
I could successfully verify that this patch fixes the problem I could reproduce.
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20110223/a8900331/attachment.pgp>
More information about the Pkg-utopia-maintainers
mailing list