VYPR

rpm package

opensuse/avahi&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/avahi&distro=openSUSE%20Tumbleweed

Vulnerabilities (23)

  • CVE-2008-5081Dec 17, 2008
    affected < 0.8-7.2fixed 0.8-7.2

    The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.

  • CVE-2007-3372Jun 22, 2007
    affected < 0.8-7.2fixed 0.8-7.2

    The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.

  • CVE-2006-5461Nov 14, 2006
    affected < 0.8-7.2fixed 0.8-7.2

    Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.

Page 2 of 2