Описание
Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-5461
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30207
- https://tango.0pointer.de/pipermail/avahi-tickets/2006-November/000320.html
- https://usn.ubuntu.com/380-1
- http://avahi.org/milestone/Avahi%200.6.15
- http://secunia.com/advisories/22807
- http://secunia.com/advisories/22852
- http://secunia.com/advisories/22932
- http://secunia.com/advisories/23020
- http://secunia.com/advisories/23042
- http://securitytracker.com/id?1017257
- http://www.gentoo.org/security/en/glsa/glsa-200611-13.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:215
- http://www.novell.com/linux/security/advisories/2006_26_sr.html
- http://www.securityfocus.com/bid/21016
- http://www.vupen.com/english/advisories/2006/4474
EPSS
CVE ID
Связанные уязвимости
Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
Avahi before 0.6.15 does not verify the sender identity of netlink mes ...
Уязвимость операционной системы Gentoo Linux, позволяющая злоумышленнику нарушить целостность защищаемой информации
EPSS