Script broadcast-avahi-dos

Script types: prerule
Categories: broadcast, dos, intrusive, vuln

Script Summary

Attempts to discover hosts in the local network using the DNS Service Discovery protocol and sends a NULL UDP packet to each host to test if it is vulnerable to the Avahi NULL UDP packet denial of service (CVE-2011-1002).

The broadcast-avahi-dos.wait script argument specifies how many number of seconds to wait before a new attempt of host discovery. Each host who does not respond to this second attempt will be considered vulnerable.


Script Arguments


Wait time in seconds before executing the check, the default value is 20 seconds.

max-newtargets, newtargets

See the documentation for the target library.

See the documentation for the dnssd library.

Example Usage

nmap --script=broadcast-avahi-dos

Script Output

| broadcast-avahi-dos:
|   Discovered hosts:
|   After NULL UDP avahi packet DoS (CVE-2011-1002).
|   Hosts that seem down (vulnerable):



  • Djalal Harouni

License: Same as Nmap--See