Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-6519

Опубликовано: 01 мая 2017
Источник: nvd
CVSS3: 9.1
CVSS2: 6.4
EPSS Низкий

Описание

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*
Версия до 0.6.32 (включая)
cpe:2.3:a:avahi:avahi:0.7:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

EPSS

Процентиль: 81%
0.01618
Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-346

Связанные уязвимости

ubuntu логотип

CVE-2017-6519

CVSS3: 9.1
ubuntu
около 8 лет назад

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

redhat логотип

CVE-2017-6519

CVSS3: 5.8
redhat
около 10 лет назад

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

msrc логотип

CVE-2017-6519

CVSS3: 9.1
msrc
больше 3 лет назад

Описание отсутствует

debian логотип

CVE-2017-6519

CVSS3: 9.1
debian
около 8 лет назад

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to ...

github логотип

GHSA-6vpj-pr2c-5mm2

CVSS3: 9.1
github
около 3 лет назад

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

EPSS

Процентиль: 81%
0.01618
Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-346