Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2024-52616
- EPSS 0.2%
- Veröffentlicht 21.11.2024 21:15:24
- Zuletzt bearbeitet 14.05.2025 00:15:17
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transacti...
5.3
CVE-2024-52615
- EPSS 0.2%
- Veröffentlicht 21.11.2024 21:15:23
- Zuletzt bearbeitet 23.09.2025 10:15:34
A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.
7.8
CVE-2009-0758
- EPSS 1.12%
- Veröffentlicht 03.03.2009 16:30:05
- Zuletzt bearbeitet 09.04.2025 00:30:58
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a d...
1