CVE-2007-3372
- EPSS 0.1%
- Veröffentlicht 22.06.2007 21:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.
- EPSS 5.94%
- Veröffentlicht 31.12.2006 05:00:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.
CVE-2006-5461
- EPSS 0.08%
- Veröffentlicht 14.11.2006 22:07:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
CVE-2006-2288
- EPSS 0.07%
- Veröffentlicht 10.05.2006 02:14:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Avahi before 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect) via unspecified mDNS name conflicts.
CVE-2006-2289
- EPSS 0.12%
- Veröffentlicht 10.05.2006 02:14:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors.