Denial of Service Vulnerability in Avahi by Lacking Input Validation
CVE-2006-6870

Currently unrated

Key Information:

Vendor

Avahi

Status
Avahi
Vendor
CVE Published:
31 December 2006

What is CVE-2006-6870?

A vulnerability exists in the consume_labels function within the avahi-core/dns.c file of Avahi versions prior to 0.6.16. This flaw allows remote attackers to trigger a denial of service condition by sending a specially crafted compressed DNS response containing a label that recursively points to itself. This results in an infinite loop, causing the service to become unresponsive, which can compromise system functionality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/23673
third-party-advisoryx_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://www.avahi.org/#December2006
x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.