French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Advisories and vulnerabilities by Vendor
Advisories and vulnerabilities by Keyword
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Mandriva Security Update Fixes Avahi Messages Security Bypass Vulnerability

Title : Mandriva Security Update Fixes Avahi Messages Security Bypass Vulnerability
Advisory ID : FrSIRT/ADV-2006-4617
CVE ID : CVE-2006-5461
Rated as : Low Risk 
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2006-11-21

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

Mandriva has released updated packages to address a vulnerability identified in Avahi [...]

Solution

Upgrade the affected packages :

Mandriva Linux 2007.0:
8b8082eb0c550bfa56e1ab6df6c26224 2007.0/i586/avahi-0.6.13-4.1mdv2007.0.i586.rpm
54b76c1c12ed46b8e5983e1f71eb9b06 2007.0/i586/avahi-dnsconfd-0.6.13-4.1mdv2007.0.i586.rpm
8284c933fed872b3e3f5817645c0ef92 2007.0/i586/avahi-python-0.6.13-4.1mdv2007.0.i586.rpm
dbb80e6511092bb8f1c6d0d6a06c6abf 2007.0/i586/avahi-sharp-0.6.13-4.1mdv2007.0.i586.rpm
d7b2c63469f8d7e02bd7a2b54e116bbe 2007.0/i586/avahi-x11-0.6.13-4.1mdv2007.0.i586.rpm
f7fa07cccd9dd0830250db788a2a1b81 2007.0/i586/libavahi-client3-0.6.13-4.1mdv2007.0.i586.rpm
eecd18f14552d70f1b18249fe7b1195f 2007.0/i586/libavahi-client3-devel-0.6.13-4.1mdv2007.0.i586.rpm
4bc4663193c8761ffad6fe5e22ef541e 2007.0/i586/libavahi-common3-0.6.13-4.1mdv2007.0.i586.rpm
ebdba95e5e7e8c5a681fc56165ada153 2007.0/i586/libavahi-common3-devel-0.6.13-4.1mdv2007.0.i586.rpm
950af5ad6ac377561ab7179e99aefb55 2007.0/i586/libavahi-compat-howl0-0.6.13-4.1mdv2007.0.i586.rpm
cb102e130142c9838f071136a5b3ec57 2007.0/i586/libavahi-compat-howl0-devel-0.6.13-4.1mdv2007.0.i586.rpm
1b7ef31a64921cb0562c757a9d0528bd 2007.0/i586/libavahi-compat-libdns_sd1-0.6.13-4.1mdv2007.0.i586.rpm
bd9acd313bac2d123926d14aa7db2fb4 2007.0/i586/libavahi-compat-libdns_sd1-devel-0.6.13-4.1mdv2007.0.i586.rpm
14369ebc6ae7a7d0b1b52b4996b3ae0c 2007.0/i586/libavahi-core4-0.6.13-4.1mdv2007.0.i586.rpm
e4e8f50ba75b30f9ff631c3aeefc18af 2007.0/i586/libavahi-core4-devel-0.6.13-4.1mdv2007.0.i586.rpm
13e2a3acd9536e836c3b446af59adeff 2007.0/i586/libavahi-glib1-0.6.13-4.1mdv2007.0.i586.rpm
cfe0b49f30234f8be62b0f3914979523 2007.0/i586/libavahi-glib1-devel-0.6.13-4.1mdv2007.0.i586.rpm
6c9058272513502a4d5980b63a19b530 2007.0/i586/libavahi-qt3_1-0.6.13-4.1mdv2007.0.i586.rpm
d846e199c543903d0ce9eeed2c2e9445 2007.0/i586/libavahi-qt3_1-devel-0.6.13-4.1mdv2007.0.i586.rpm
315e4463187ffc1d5492445af479615d 2007.0/i586/libavahi-qt4_1-0.6.13-4.1mdv2007.0.i586.rpm
606d90de97300ce0a8c648f1ec305ada 2007.0/i586/libavahi-qt4_1-devel-0.6.13-4.1mdv2007.0.i586.rpm
65a7cba76e2824cbab5797b38ed8ccc1 2007.0/SRPMS/avahi-0.6.13-4.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
9b25dad2dbf79d86c8c9c727f61e0a03 2007.0/x86_64/avahi-0.6.13-4.1mdv2007.0.x86_64.rpm
d7a8aabf6ab859767041c9abe20d51cd 2007.0/x86_64/avahi-dnsconfd-0.6.13-4.1mdv2007.0.x86_64.rpm
0117840569b82bddc137b8e78ea5f08b 2007.0/x86_64/avahi-python-0.6.13-4.1mdv2007.0.x86_64.rpm
e9332cffa74eb39a50488471d6ffa193 2007.0/x86_64/avahi-sharp-0.6.13-4.1mdv2007.0.x86_64.rpm
9a84e81be93c4f5609e3fafaf4f0309b 2007.0/x86_64/avahi-x11-0.6.13-4.1mdv2007.0.x86_64.rpm
7f9549b1457023b2b9fe4c2f9c8d2b53 2007.0/x86_64/lib64avahi-client3-0.6.13-4.1mdv2007.0.x86_64.rpm
299db6bd0cf61a35cea1c3753a191694 2007.0/x86_64/lib64avahi-client3-devel-0.6.13-4.1mdv2007.0.x86_64.rpm
3edcf95944dac478d0bc3c804acf833d 2007.0/x86_64/lib64avahi-common3-0.6.13-4.1mdv2007.0.x86_64.rpm
b04bb0a5da39a6eee3b23b96374c1b19 2007.0/x86_64/lib64avahi-common3-devel-0.6.13-4.1mdv2007.0.x86_64.rpm
6fc42297b5fa1253b718a81cbb1d4fd2 2007.0/x86_64/lib64avahi-compat-howl0-0.6.13-4.1mdv2007.0.x86_64.rpm
126c86c305e1e8acf3c6f93a078bf868 2007.0/x86_64/lib64avahi-compat-howl0-devel-0.6.13-4.1mdv2007.0.x86_64.rpm
f5dbb9e0fa82ba39c19c1797391aa5d3 2007.0/x86_64/lib64avahi-compat-libdns_sd1-0.6.13-4.1mdv2007.0.x86_64.rpm
f579c55f1f3c6984a54cae5917156ae6 2007.0/x86_64/lib64avahi-compat-libdns_sd1-devel-0.6.13-4.1mdv2007.0.x86_64.rpm
cdf62c1243fe9018809d7135968f12e1 2007.0/x86_64/lib64avahi-core4-0.6.13-4.1mdv2007.0.x86_64.rpm
6bee1aa33a4f7dfd58db568c29936482 2007.0/x86_64/lib64avahi-core4-devel-0.6.13-4.1mdv2007.0.x86_64.rpm
750eef176729afa38c61b5688047cb5e 2007.0/x86_64/lib64avahi-glib1-0.6.13-4.1mdv2007.0.x86_64.rpm
83cd5fc0401ae0dc0b39f0e905938889 2007.0/x86_64/lib64avahi-glib1-devel-0.6.13-4.1mdv2007.0.x86_64.rpm
53341592e5ab2b187367e1c673030a60 2007.0/x86_64/lib64avahi-qt3_1-0.6.13-4.1mdv2007.0.x86_64.rpm
3b001c78e6e8a5e8caf4b8edb9382a33 2007.0/x86_64/lib64avahi-qt3_1-devel-0.6.13-4.1mdv2007.0.x86_64.rpm
92e05b16be7967c540d54cb19770a692 2007.0/x86_64/lib64avahi-qt4_1-0.6.13-4.1mdv2007.0.x86_64.rpm
dc322609350d49ee527b3e59679b2b79 2007.0/x86_64/lib64avahi-qt4_1-devel-0.6.13-4.1mdv2007.0.x86_64.rpm
65a7cba76e2824cbab5797b38ed8ccc1 2007.0/SRPMS/avahi-0.6.13-4.1mdv2007.0.src.rpm

ChangeLog

2006-11-21 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities

Cisco Secure ACS EAP Remote Denial Of Service Vulnerability

Cisco Products Remote DNS Cache Poisoning Vulnerability

Cisco Wide Area Application Services CUPS Remote Vulnerability

Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities

Cisco Intrusion Prevention System Jumbo Frame Vulnerability

Cisco VPN Client Deterministic Network Enhancer Privilege Escalation

Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability

Mozilla Products Remote Code Execution and Security Bypass Issues

Mozilla Products Code Execution and Injection Vulnerabilities

Mozilla JavaScript Garbage Collector Code Execution Vulnerability

Mozilla Thunderbird Code Execution and Cross Site Scripting Issues

Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues

Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues

Oracle Products Multiple Code Execution and Security Bypass Issues

Oracle Products Command Execution and SQL Injection Vulnerabilities

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities

Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy