[PLUG] mDNS vulnerability issue in CentOS 8.3
शंतनू
shantanoo at gmail.com
Thu Jun 24 22:54:33 IST 2021
On Thu, Jun 24, 2021 at 9:48 AM Amey Abhyankar via plug-mail <
plug-mail at plug.org.in> wrote:
> Hello,
>
> Anybody knows if this service is bind to Avahi domain or it's a part
> of dnsmasq service?
>
>
Try running
netstat -tunlp | grep 5353
Last column is PID/Program. It might help in getting the details.
Another option, stop dnsmasq and check with netstat again.
(You might want to have a look at lsof command)
> The VAPT [1] report indicates that port 5353 (UDP) on my CentOS 8.3 is
> vulnerable.
>
How did you run the VAPT test? From a remote machine, another machine on
the intranet or from the internet?
> If I do netstat, nothing is listening on this port.
> if I search by the mDNS hostname on /, no results.
> I do not have the mDNS entry in my /etc/hosts
>
> Regards,
> Amey.
>
> [1] VAPT = Vulnerability assessment & penetration testing
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.plug.org.in/pipermail/plug-mail/attachments/20210624/3f57288d/attachment.htm>
More information about the plug-mail
mailing list