Hello Hadmut, my first inclination is that this isn't a security issue: - services should use cryptographic verification of both peers, if this is important - network administrators can use port security settings on their equipment to restrict which hosts can communicate in which fashions
If I've overlooked something, please do let us know. Thanks -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to avahi in Ubuntu. https://bugs.launchpad.net/bugs/2002891 Title: avahi_service_browser_new() failed: Invalid service type Status in avahi package in Ubuntu: New Bug description: Hi, on a network, where the router offers DHCP, but does not put the DHCP clients in a DNS domain, thus where it is necessary to use mdns/avahi instead, I ran into several problems with avahi. One is avahi-browse -a -t avahi_service_browser_new() failed: Invalid service type No other output. i.e. it just does not work. In this network, all Ubuntu machines show this behaviour. In my other network (with working DHCP-DNS, different router, different brand, therefore not depending on mdns) the problem does not occur Since the debugging output of avahi software is – if at all – very poor, I cannot see what causes this problem. However, dbus-monitor --system showed ... method call time=1673742811.321042 sender=:1.692 -> destination=org.freedesktop.Avahi serial=10 path=/; interface=org.freedesktop.Avahi.Server; member=ServiceBrowserNew int32 -1 int32 -1 string "_ipp._tcp" string "local" uint32 0 method return time=1673742811.321093 sender=:1.479 -> destination=:1.692 serial=557 reply_serial=10 object path "/Client29/ServiceBrowser3" method call time=1673742811.321259 sender=:1.692 -> destination=org.freedesktop.Avahi serial=11 path=/; interface=org.freedesktop.Avahi.Server; member=ServiceBrowserNew int32 -1 int32 -1 string "_scanner._tcp" string "local" uint32 0 method return time=1673742811.321301 sender=:1.479 -> destination=:1.692 serial=558 reply_serial=11 object path "/Client29/ServiceBrowser4" method call time=1673742811.321391 sender=:1.692 -> destination=org.freedesktop.Avahi serial=12 path=/; interface=org.freedesktop.Avahi.Server; member=ServiceBrowserNew int32 -1 int32 -1 string "" string "" uint32 0 error time=1673742811.321479 sender=:1.479 -> destination=:1.692 error_name=org.freedesktop.Avahi.InvalidServiceTypeError reply_serial=12 string "Invalid service type" So it seems as if the client (browser) queries one services after the other, which works, but then an empty string as a name, which is rejected by the daemon, which then makes the client to spit out this error message and then terminate immediately. Since I have similar (i.e. very similar, both created with puppet) machines, and all machines in one network fail, while similar machines in another don't, I guess that the problem is caused by some network reply, maybe a printer. This, however, could be a security problem, because if someone can cause avahi and thus mdns resolution to fail in networks like this here, where the router and dhcp server does not offer the host names in a DNS domain (Huawei glass fiber router), a malformed packet could cause the mdns resolution of avahi to fail and therefore could be used for an attack, effectively blocking certain kinds of mdns service resolution. But since I have not yet understood what really causes this problem, it is just an assumption. regards ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: avahi-utils 0.8-5ubuntu5 ProcVersionSignature: Ubuntu 5.15.0-58.64-generic 5.15.74 Uname: Linux 5.15.0-58-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu82.3 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Sun Jan 15 02:35:24 2023 InstallationDate: Installed on 2022-12-25 (20 days ago) InstallationMedia: Xubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 (20220809.1) SourcePackage: avahi UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/2002891/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
