CCE-95679-7| Platform: cpe:/o:debian:debian_linux:11.x, cpe:/o:ubuntu:ubuntu_linux:18.04, cpe:/o:ubuntu:ubuntu_linux:20.04, cpe:/o:ubuntu:ubuntu_linux:22.04, cpe:/o:ubuntu:ubuntu_linux:23.04 | Date: (C)2021-03-08 (M)2023-09-01 |
Avahi is a free zeroconf implementation, including a system for multicast DNS/DNS-SD service discovery. Avahi allows programs to publish and discover services and hosts running on a local network with no specific configuration. For example, a user can plug a computer into a network and Avahi automatically finds printers to print to, files to look at and people to talk to, as well as network services running on the machine.
Rationale:
Automatic discovery of network services is not normally required for system functionality. It is recommended to disable the service to reduce the potential attack surface.
Fix:
Run the following command to disable avahi-daemon # systemctl --now disable avahi-daemon
Parameter:
[yes/no]
Technical Mechanism:
Run the following command to disable avahi-daemon # systemctl --now disable avahi-daemon
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 9.8 | Attack Vector: NETWORK |
| Exploit Score: 3.9 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: NONE |
| Severity: CRITICAL | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:87399 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:70812 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:68732 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:92285 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85256 |
