low severity
Do your applications use this vulnerable package?
Test your applications
Overview
Avahi version 0.7 contains a Incorrect Access Control vulnerability in avahi-daemon that can result in Traffic reflection and amplification for DDoS attacks.. This attack appear to be exploitable via unicast IP network packet with spoofed source address.
References
- CVE
- CVE-2018-1000845
- Snyk ID
- SNYK-DEBIAN9-AVAHI-330432
- Disclosed
- 20 Dec, 2018
- Published
- 20 Dec, 2018