CVE-2021-26720

🗓️ 17 Feb 2021 21:19:26Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 224 Views

avahi-daemon-check-dns.sh in Debian avahi package allows local attacker to create empty files via symlink attac

Reporter	Title	Published	Views	Family All 58
AlpineLinux	CVE-2021-26720	17 Feb 202121:19	–	alpinelinux
AstraLinux	Astra Linux - уязвимость в avahi	3 May 202623:59	–	astralinux
CBLMariner	CVE-2021-26720 affecting package avahi for versions less than 0.8-1	19 Mar 202417:21	–	cbl_mariner
CBLMariner	CVE-2021-26720 affecting package avahi for versions less than 0.8-1	26 Apr 202219:39	–	cbl_mariner
Circl	CVE-2021-26720	18 Feb 202100:49	–	circl
CNNVD	Debian avahi backlink vulnerability	17 Feb 202100:00	–	cnnvd
Cvelist	CVE-2021-26720	17 Feb 202121:19	–	cvelist
Debian	[SECURITY] [DLA 3047-1] avahi security update	7 Jun 202218:23	–	debian
Debian CVE	CVE-2021-26720	17 Feb 202121:19	–	debiancve
Tenable Nessus	Debian DLA-3047-1 : avahi - LTS security update	8 Jun 202200:00	–	nessus

NVD

Node

avahi avahiRange≤0.8-4

Node

Source	Link
packages	www.packages.debian.org/buster/avahi-daemon
metadata	www.metadata.ftp-master.debian.org/changelogs/main/a/avahi/avahi_0.8-4_changelog
packages	www.packages.debian.org/sid/avahi-daemon
bugzilla	www.bugzilla.suse.com/show_bug.cgi
bugs	www.bugs.launchpad.net/ubuntu/+source/avahi/+bug/1870824
openwall	www.openwall.com/lists/oss-security/2021/02/15/2
lists	www.lists.debian.org/debian-lts-announce/2022/06/msg00009.html
bugs	www.bugs.debian.org/cgi-bin/bugreport.cgi
packages	www.packages.debian.org/bullseye/avahi-daemon
security-tracker	www.security-tracker.debian.org/tracker/CVE-2021-26720

21 Nov 2024 05:56Current

7.2High risk

Vulners AI Score7.2

CVSS 24.6

CVSS 3.17.8

EPSS0.00089