ID CVE-2006-5461
Summary Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
References
Vulnerable Configurations
  • Avahi 0.6.14
    cpe:2.3:a:avahi:avahi:0.6.14
CVSS
Base: 2.1 (as of 15-11-2006 - 11:03)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200611-13.NASL
    description The remote host is affected by the vulnerability described in GLSA-200611-13 (Avahi: 'netlink' message vulnerability) Avahi does not check that the netlink messages come from the kernel instead of a user-space process. Impact : A local attacker could exploit this vulnerability by crafting malicious netlink messages and trick Avahi to react to fake network changes. This could lead users to connect to untrusted services without knowing. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 23707
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23707
    title GLSA-200611-13 : Avahi: 'netlink' message vulnerability
  • NASL family SuSE Local Security Checks
    NASL id SUSE_AVAHI-2217.NASL
    description Avahi did not check that the received netlink messages originated from the kernel. This could be used by local attackers to inject packets into avahi which could be used to inject bad netlink messages into Avahi, confusing its routing code or worse. (CVE-2006-5461)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27160
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27160
    title openSUSE 10 Security Update : avahi (avahi-2217)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-215.NASL
    description Steve Grubb discovered that netlink messages were not being checked for their sender identity. This could lead to local users manipulating the Avahi service. Packages have been patched to correct this issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24600
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24600
    title Mandrake Linux Security Advisory : avahi (MDKSA-2006:215)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_AVAHI-2216.NASL
    description Avahi did not check that the received netlink messages originated from the kernel. This could be used by local attackers to inject packets into avahi which could be used to inject bad netlink messages into Avahi, confusing its routing code or worse. (CVE-2006-5461)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29381
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29381
    title SuSE 10 Security Update : avahi (ZYPP Patch Number 2216)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-380-1.NASL
    description Steve Grubb discovered that netlink messages were not being checked for their sender identity. This could lead to local users manipulating the Avahi service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 27962
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27962
    title Ubuntu 5.10 / 6.06 LTS / 6.10 : avahi vulnerability (USN-380-1)
refmap via4
bid 21016
confirm http://avahi.org/milestone/Avahi%200.6.15
gentoo GLSA-200611-13
mandriva MDKSA-2006:215
mlist [avahi-tickets] 20061106 [Avahi] #69: Avahi needs to check the originating process of netlink messages
sectrack 1017257
secunia
  • 22807
  • 22852
  • 22932
  • 23020
  • 23042
suse SUSE-SR:2006:026
ubuntu USN-380-1
vupen ADV-2006-4474
xf avahi-netlink-security-bypass(30207)
Last major update 07-03-2011 - 21:43
Published 14-11-2006 - 17:07
Last modified 03-10-2018 - 17:45
Back to Top