DEBIAN-CVE-2006-5461

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2006-5461

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2006-5461.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2006-5461

Upstream

CVE-2006-5461

Published

2006-11-14T22:07:00Z

Modified

2025-09-19T06:12:15Z

Summary

[none]

Details

Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.

References

https://security-tracker.debian.org/tracker/CVE-2006-5461

Affected packages

Debian:11 / avahi

Package

Name: avahi
Purl: pkg:deb/debian/avahi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.15-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / avahi

Package

Name: avahi
Purl: pkg:deb/debian/avahi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.15-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / avahi

Package

Name: avahi
Purl: pkg:deb/debian/avahi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.15-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:14 / avahi

Package

Name: avahi
Purl: pkg:deb/debian/avahi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.15-1

Ecosystem specific

{
    "urgency": "low"
}