Detections
Analytics
openSUSE 10 Security Update : avahi (avahi-2217)
low Nessus Plugin ID 27160
Synopsis
The remote openSUSE host is missing a security update.Description
Avahi did not check that the received netlink messages originated from the kernel. This could be used by local attackers to inject packets into avahi which could be used to inject bad netlink messages into Avahi, confusing its routing code or worse. (CVE-2006-5461)Solution
Update the affected avahi package.Plugin Details
Severity: Low
ID: 27160
File Name: suse_avahi-2217.nasl
Version: 1.13
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 10/17/2007
Updated: 1/14/2021
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.4
CVSS v2
Risk Factor: Low
Base Score: 2.1
Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N
Vulnerability Information
CPE: cpe:/o:novell:opensuse:10.1, p-cpe:/a:novell:opensuse:avahi
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 10/30/2006
Reference Information
CVE: CVE-2006-5461