CVE-2015-2809
Published 2015-04-01
Priority: P4 · 26 · medium · 5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS: 3.67% (88.3th percentile)
The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets to the Avahi component.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| avahi | avahi | <= 0.6.32 | — |
| avahi | avahi | — | — |
| avahi | avahi | >= 0 < 0.7-5 | 0.7-5 |
| avahi | avahi | >= 0 < 0.7-5 | 0.7-5 |
| avahi | avahi | >= 0 < 0.7-5 | 0.7-5 |
| avahi | avahi | >= 0 < 0.7-5 | 0.7-5 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | avahi | < avahi 0.7-5 (bookworm) | avahi 0.7-5 (bookworm) |
| msrc | cbl2_avahi_0.8-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| synology | diskstation_manager | <= 3.0 | — |
CVSS provenance
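| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 5.0 | MEDIUM | — |
| vendor_msrc | — | 9.1 | CRITICAL | — |
| vendor_debian | — | 5.0 | LOW | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |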
Microsoft
vendor_msrc·2017-05-09·CVSS 9.1
CVE-2017-6519 [MEDIUM] CWE-346
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to tr
Debian
vendor_debian·2017·CVSS 5.0
CVE-2017-6519 [MEDIUM]
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
Scope: local
bookworm: resolved (fixed in 0.7-5)
bullseye: resolved (fixed in 0.7-5)
forky: resolved (fixed in 0.7-5)
sid: resolved (fixed in 0.7-5)
trixie: resolved (fixed in 0.7-5)
Red Hat
avahi: Multicast DNS responds to unicast queries outside of local network
vendor_redhat·2015-03-31·CVSS 5.0
CVE-2017-6519 [MEDIUM] CWE-200
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
A vulnerability was found in Avahi, where the avahi-daemon improperly handles responses to IPv6 unicast queries. A remote attacker could exploit this flaw by sending specially crafted port-5353 UDP packets, potentially causing a denial of service (traffic amplification) or leaking sensitive information.
Statement: This vulnerabil
GHSA
ghsa_unreviewed·2022-05-17
CVE-2015-2809 [MEDIUM] CWE-200 GHSA-wgcg-8h66-7wvp
The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets to the Avahi component.
GHSA
ghsa_unreviewed·2022-05-13·CVSS 5.0
CVE-2017-6519 [MEDIUM] CWE-346 GHSA-6vpj-pr2c-5mm2
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
OSV
osv·2017-05-01·CVSS 5.0
CVE-2017-6519 [MEDIUM]
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2015-04-01