File broadcast-avahi-dos
Script types:
prerule
Categories:
broadcast, dos, intrusive, vuln
Download: http://nmap.org/svn/scripts/broadcast-avahi-dos.nse
User Summary
Attempts to discover hosts in the local network using the DNS Service Discovery protocol and sends a NULL UDP packet to each host to test if it is vulnerable to the Avahi NULL UDP packet denial of service (CVE-2011-1002).
The broadcast-avahi-dos.wait script argument specifies how
many number of seconds to wait before a new attempt of host discovery.
Each host who does not respond to this second attempt will be considered
vulnerable.
Reference:
Script Arguments
broadcast-avahi-dos.wait
Wait time in seconds before executing the check, the default value is 20 seconds.
dnssd.services
See the documentation for the dnssd library.max-newtargets, newtargets
See the documentation for the target library.Example Usage
nmap --script=broadcast-avahi-dos
Script Output
| broadcast-avahi-dos: | Discovered hosts: | 10.0.1.150 | 10.0.1.151 | After NULL UDP avahi packet DoS (CVE-2011-1002). | Hosts that seem down (vulnerable): |_ 10.0.1.151
Requires
Author: Djalal Harouni
License: Same as Nmap--See http://nmap.org/book/man-legal.html
