Vulnerabilities > Avahi > Avahi > 0.6.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-02 | CVE-2023-38473 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi. | 5.5 |
2023-11-02 | CVE-2023-38469 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. | 5.5 |
2023-11-02 | CVE-2023-38470 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi. | 5.5 |
2023-11-02 | CVE-2023-38471 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi. | 5.5 |
2023-11-02 | CVE-2023-38472 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi. | 5.5 |
2021-06-02 | CVE-2021-3468 | Infinite Loop vulnerability in multiple products A flaw was found in avahi in versions 0.6 up to 0.8. | 5.5 |
2021-02-17 | CVE-2021-26720 | Link Following vulnerability in multiple products avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. | 7.8 |
2017-05-01 | CVE-2017-6519 | Origin Validation Error vulnerability in multiple products avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. | 9.1 |
2008-12-17 | CVE-2008-5081 | Resource Management Errors vulnerability in Avahi The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure. | 5.0 |
2007-06-22 | CVE-2007-3372 | Denial Of Service vulnerability in Avahi Empty TXT Data The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error. | 2.1 |