[PLUG] mDNS vulnerability issue in CentOS 8.3
Amey Abhyankar
sco1984 at gmail.com
Fri Jun 25 10:04:50 IST 2021
On Thu, 24 Jun 2021 at 22:54, शंतनू <shantanoo at gmail.com> wrote:
>
>
> On Thu, Jun 24, 2021 at 9:48 AM Amey Abhyankar via plug-mail <plug-mail at plug.org.in> wrote:
>>
>> Hello,
>>
>> Anybody knows if this service is bind to Avahi domain or it's a part
>> of dnsmasq service?
>>
>
> Try running
>
> netstat -tunlp | grep 5353
Thanks.
I tend to use netstat -pant command.
-tunlp helped me to get the details.
It's the avahi-daemon.
Regards,
Amey.
>
> Last column is PID/Program. It might help in getting the details.
>
> Another option, stop dnsmasq and check with netstat again.
> (You might want to have a look at lsof command)
>
>>
>> The VAPT [1] report indicates that port 5353 (UDP) on my CentOS 8.3 is
>> vulnerable.
>
>
> How did you run the VAPT test? From a remote machine, another machine on the intranet or from the internet?
>
>>
>> If I do netstat, nothing is listening on this port.
>> if I search by the mDNS hostname on /, no results.
>> I do not have the mDNS entry in my /etc/hosts
>>
>> Regards,
>> Amey.
>>
>> [1] VAPT = Vulnerability assessment & penetration testing
More information about the plug-mail
mailing list