Vigil@nce - Avahi: information disclosure and DDos via mDNS on IPv6
July 2017 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can query the mDNS service of Avahi, in order to
obtain sensitive information about the network, or to amplify a
denial of service attack.
Impacted products: Avahi.
Severity: 2/4.
Creation date: 02/05/2017.
DESCRIPTION OF THE VULNERABILITY
The mDNS (Multicast DNS) protocol allows local computers to
discover services available on their networks.
However, the IPv6 mDNS implementation in Avahi accepts to reply to
Unicast queries coming from outside its network.
This vulnerability is a variant of VIGILANCE-VUL-16510.
An attacker can therefore query the mDNS service of Avahi, in
order to obtain sensitive information about the network, or to
amplify a denial of service attack.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Avahi-information-disclosure-and-DDos-via-mDNS-on-IPv6-22617