Scriptbroadcast-avahi-dos

Script types:prerule
Categories:broadcast,dos,intrusive,vuln
Download:https://svn.nmap.org/nmap/scripts/broadcast-avahi-dos.nse

Script Summary

Attempts to discover hosts in the local network using the DNS ServiceDiscovery protocol and sends a NULL UDP packet to each host to testif it is vulnerable to the Avahi NULL UDP packet denial of service(CVE-2011-1002).

Thebroadcast-avahi-dos.wait script argument specifies howmany number of seconds to wait before a new attempt of host discovery.Each host who does not respond to this second attempt will be consideredvulnerable.

Reference:

• http://avahi.org/ticket/325
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1002

Script Arguments

broadcast-avahi-dos.wait

Wait time in seconds before executing the check, the default value is 20 seconds.

dnssd.services

See the documentation for thednssd library.

max-newtargets,newtargets

See the documentation for thetarget library.

Example Usage

nmap --script=broadcast-avahi-dos

Script Output

| broadcast-avahi-dos:|   Discovered hosts:|     10.0.1.150|     10.0.1.151|   After NULL UDP avahi packet DoS (CVE-2011-1002).|   Hosts that seem down (vulnerable):|_    10.0.1.151

Requires

• dnssd
• nmap
• stdnse
• table

Author:

• Djalal Harouni

License: Same as Nmap--Seehttps://nmap.org/book/man-legal.html