File broadcast-avahi-dos

脚本使用类型: prerule
脚本所属分类: broadcast, dos, intrusive, vuln
脚本下载地址: http://nmap.org/svn/scripts/broadcast-avahi-dos.nse

User Summary

Attempts to discover hosts in the local network using the DNS Service Discovery protocol and sends a NULL UDP packet to each host to test if it is vulnerable to the Avahi NULL UDP packet denial of service (CVE-2011-1002).

The broadcast-avahi-dos.wait script argument specifies how many number of seconds to wait before a new attempt of host discovery. Each host who does not respond to this second attempt will be considered vulnerable.

Reference:

• http://avahi.org/ticket/325
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1002

Script Arguments

broadcast-avahi-dos.wait

Wait time in seconds before executing the check, the default value is 20 seconds.

max-newtargets, newtargets

dnssd.services

Example Usage

执行格式

nmap --script=broadcast-avahi-dos

Script Output

| broadcast-avahi-dos: 
|   Discovered hosts:
|     10.0.1.150
|     10.0.1.151
|   After NULL UDP avahi packet DoS (CVE-2011-1002).
|   Hosts that seem down (vulnerable):
|_    10.0.1.151

Requires

• dnssd
• nmap
• stdnse
• table

Author: Djalal Harouni

License: VER007 整理 http://www.ver007.com