CVE-2018-1000845

Affecting avahi package, versions *

Report new vulnerabilities
low severity
Do your applications use this vulnerable package? Test your applications

Overview

Avahi version 0.7 contains a Incorrect Access Control vulnerability in avahi-daemon that can result in Traffic reflection and amplification for DDoS attacks.. This attack appear to be exploitable via unicast IP network packet with spoofed source address.

References

CVE
CVE-2018-1000845
Snyk ID
SNYK-DEBIAN9-AVAHI-330432
Disclosed
20 Dec, 2018
Published
20 Dec, 2018