CVE-2006-5461 - CVE Reference - Advisories

CVE Reference: CVE-2006-5461

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5461

Description: Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/30207 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-380-1 SUSE http://www.novell.com/linux/security/advisories/2006_26_sr.html ST 1017257 SAID Secunia Advisory: SA22932 Secunia Advisory: SA23042 Secunia Advisory: SA23020 Secunia Advisory: SA22807 Secunia Advisory: SA22852 MLIST MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:215 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200611-13.xml CONFIRM http://avahi.org/milestone/Avahi%200.6.15 BID 21016

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Cisco ASA and PIX Security Appliances Multiple Vulnerabilities

2.	rPath update for libtiff

3.	HP OpenView Select Identity Connectors Information Disclosure

4.	Gentoo update for realplayer

5.	Gentoo update for yelp

6.	FreeBSD ICMPv6 "Packet Too Big" MTU Denial of Service Vulnerability

7.	Gentoo update for dnsmasq

8.	IBM AIX "swcons" Command Privilege Escalation Vulnerability

9.	SUSE update for IBMJava5-JRE and java-1_5_0-ibm

10.	Najdi.si Toolbar Buffer Overflow Vulnerability