• Status In Progress   Reopened
  • Percent Complete
  • Task Type Security Issue
  • Category Any
  • Assigned To
    Márcio Silva
    André Silva
  • Operating System All
  • Severity Critical
  • Priority Very High
  • Reported Version Any
  • Due in Version Undecided
  • Due Date Undecided
  • Votes 1
  • Private
Attached to Project: Packages
Opened by André Silva - 18/01/2018
Last edited by André Silva - 16/10/2019

FS#646 - [avahi] blacklist package since it's a zeroconf implementation

Avahi is a zero-configuration networking implementation that contains critical security issues because mDNS operates under a different trust model than unicast DNS trusting the entire network rather than a designated DNS server, it is vulnerable to spoofing attacks by any system within the multicast IP range. Like SNMP and many other network management protocols, it can also be used by attackers to quickly gain detailed knowledge of the network and its machines. [0]

Since it violates the Hyperbola Social Contract , Avahi should be blacklisted.

Exponenta BC commented on 07.04.2021 10:55

Implementation running on the home windows xp platform. With bonjour works only in short-distance regions seeing that its messages can only attain users positioned on the zeroconf package deal defines the Kerosene Trading Company In Dubai principle interfaces for the essential functionalities of filters can also be customized to allow or to dam unique traffic types.

Date User Effort (H:M)


Available keyboard shortcuts


Task Details

Task Editing