Hugo Dias of the Synchron Security Labs discovered a remote denial of service flaw in the avahi daemon. A crafted multicast DNS (mDNS) packet with source port 0 can trigger assertion in originates_from_local_legacy_unicast_socket() function in avahi-core/server.c -- assert(port > 0); -- causing the daemon to call abort() and exit unexpectedly.
Scope of this attack is usually limited to a single LAN.
Public now via new upstream release 0.6.24:
avahi-0.6.22-12.fc10 has been submitted as an update for Fedora 10.
Hugo Dias' advisory:
avahi-0.6.22-12.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.