LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

avahi: sender id check

Package(s):avahi CVE #(s):CVE-2006-5461
Created:November 13, 2006 Updated:December 20, 2006
Description: Steve Grubb discovered that netlink messages were not being checked for their sender identity. This could lead to local users manipulating the Avahi service.
Alerts:
Ubuntu USN-380-2 2006-12-14
Fedora FEDORA-2006-1340 2006-12-11
Fedora FEDORA-2006-1339 2006-11-28
Gentoo 200611-13 2006-11-20
Mandriva MDKSA-2006:215 2006-11-20
Ubuntu USN-380-1 2006-11-11
(Log in to post comments)

avahi: sender id check

Posted Feb 17, 2007 18:31 UTC (Sat) by kreutzm (guest, #4700) [Link]

Debian: Sarge does not ship avahi-daemon and Etch has a newer version than the vulnerable one

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds