Описание
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | released | 0.7-3.1ubuntu1.2 |
| cosmic | released | 0.7-4ubuntu2.1 |
| devel | released | 0.7-4ubuntu5 |
| esm-infra-legacy/trusty | not-affected | 0.6.31-4ubuntu1.3 |
| esm-infra/bionic | not-affected | 0.7-3.1ubuntu1.2 |
| esm-infra/xenial | not-affected | 0.6.32~rc+dfsg-1ubuntu2.3 |
| precise | ignored | end of life |
| precise/esm | not-affected | 0.6.30-5ubuntu2.3 |
| trusty | released | 0.6.31-4ubuntu1.3 |
Показывать по
6.4 Medium
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to ...
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
6.4 Medium
CVSS2
9.1 Critical
CVSS3