ID OPENVAS:830030
Type openvas
Reporter Copyright (C) 2009 Greenbone Networks GmbH
Modified 2017-07-06T00:00:00
Description
Check for the Version of avahi
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for avahi MDKSA-2007:003 (avahi)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16
allows remote attackers to cause a denial of service (infinite loop)
via a crafted compressed DNS response with a label that points to
itself.
Updated packages are patched to address this issue.";
tag_affected = "avahi on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2007-01/msg00005.php");
script_id(830030);
script_version("$Revision: 6568 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-04-09 13:53:01 +0200 (Thu, 09 Apr 2009)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_xref(name: "MDKSA", value: "2007:003");
script_cve_id("CVE-2006-6870");
script_name( "Mandriva Update for avahi MDKSA-2007:003 (avahi)");
script_summary("Check for the Version of avahi");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2007.0")
{
if ((res = isrpmvuln(pkg:"avahi", rpm:"avahi~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"avahi-dnsconfd", rpm:"avahi-dnsconfd~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"avahi-python", rpm:"avahi-python~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"avahi-sharp", rpm:"avahi-sharp~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"avahi-x11", rpm:"avahi-x11~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-client3", rpm:"libavahi-client3~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-client3-devel", rpm:"libavahi-client3-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-common3", rpm:"libavahi-common3~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-common3-devel", rpm:"libavahi-common3-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-compat-howl0", rpm:"libavahi-compat-howl0~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-compat-howl0-devel", rpm:"libavahi-compat-howl0-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-compat-libdns_sd1", rpm:"libavahi-compat-libdns_sd1~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-compat-libdns_sd1-devel", rpm:"libavahi-compat-libdns_sd1-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-core4", rpm:"libavahi-core4~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-core4-devel", rpm:"libavahi-core4-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-glib1", rpm:"libavahi-glib1~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-glib1-devel", rpm:"libavahi-glib1-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-qt3_1", rpm:"libavahi-qt3_1~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-qt3_1-devel", rpm:"libavahi-qt3_1-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-qt4_1", rpm:"libavahi-qt4_1~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libavahi-qt4_1-devel", rpm:"libavahi-qt4_1-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-client3", rpm:"lib64avahi-client3~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-client3-devel", rpm:"lib64avahi-client3-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-common3", rpm:"lib64avahi-common3~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-common3-devel", rpm:"lib64avahi-common3-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-compat-howl0", rpm:"lib64avahi-compat-howl0~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-compat-howl0-devel", rpm:"lib64avahi-compat-howl0-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-compat-libdns_sd1", rpm:"lib64avahi-compat-libdns_sd1~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-compat-libdns_sd1-devel", rpm:"lib64avahi-compat-libdns_sd1-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-core4", rpm:"lib64avahi-core4~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-core4-devel", rpm:"lib64avahi-core4-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-glib1", rpm:"lib64avahi-glib1~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-glib1-devel", rpm:"lib64avahi-glib1-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-qt3_1", rpm:"lib64avahi-qt3_1~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-qt3_1-devel", rpm:"lib64avahi-qt3_1-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-qt4_1", rpm:"lib64avahi-qt4_1~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64avahi-qt4_1-devel", rpm:"lib64avahi-qt4_1-devel~0.6.13~4.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:830030", "type": "openvas", "bulletinFamily": "scanner", "title": "Mandriva Update for avahi MDKSA-2007:003 (avahi)", "description": "Check for the Version of avahi", "published": "2009-04-09T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=830030", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["http://lists.mandriva.com/security-announce/2007-01/msg00005.php", "2007:003"], "cvelist": ["CVE-2006-6870"], "lastseen": "2017-07-24T12:57:01", "viewCount": 0, "enchantments": {"score": {"value": 6.0, "vector": "NONE", "modified": "2017-07-24T12:57:01", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-6870"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310830030", "OPENVAS:840023", "OPENVAS:861455", "OPENVAS:861059"]}, {"type": "osvdb", "idList": ["OSVDB:31220"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7018", "SECURITYVULNS:DOC:15625"]}, {"type": "nessus", "idList": ["UBUNTU_USN-402-1.NASL", "SUSE_AVAHI-2982.NASL", "MANDRAKE_MDKSA-2007-003.NASL", "SUSE_AVAHI-2986.NASL", "FEDORA_2007-018.NASL", "FEDORA_2007-019.NASL"]}, {"type": "fedora", "idList": ["FEDORA:L07JKDSB009334", "FEDORA:L0FGKSHJ008073"]}, {"type": "ubuntu", "idList": ["USN-402-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:58655"]}], "modified": "2017-07-24T12:57:01", "rev": 2}, "vulnersScore": 6.0}, "pluginID": "830030", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for avahi MDKSA-2007:003 (avahi)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16\n allows remote attackers to cause a denial of service (infinite loop)\n via a crafted compressed DNS response with a label that points to\n itself.\n\n Updated packages are patched to address this issue.\";\n\ntag_affected = \"avahi on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-01/msg00005.php\");\n script_id(830030);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:53:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:003\");\n script_cve_id(\"CVE-2006-6870\");\n script_name( \"Mandriva Update for avahi MDKSA-2007:003 (avahi)\");\n\n script_summary(\"Check for the Version of avahi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"avahi-dnsconfd\", rpm:\"avahi-dnsconfd~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"avahi-python\", rpm:\"avahi-python~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"avahi-sharp\", rpm:\"avahi-sharp~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"avahi-x11\", rpm:\"avahi-x11~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-client3-devel\", rpm:\"libavahi-client3-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-common3-devel\", rpm:\"libavahi-common3-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-compat-howl0\", rpm:\"libavahi-compat-howl0~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-compat-howl0-devel\", rpm:\"libavahi-compat-howl0-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-compat-libdns_sd1\", rpm:\"libavahi-compat-libdns_sd1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-compat-libdns_sd1-devel\", rpm:\"libavahi-compat-libdns_sd1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-core4\", rpm:\"libavahi-core4~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-core4-devel\", rpm:\"libavahi-core4-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-glib1-devel\", rpm:\"libavahi-glib1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-qt3_1\", rpm:\"libavahi-qt3_1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-qt3_1-devel\", rpm:\"libavahi-qt3_1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-qt4_1\", rpm:\"libavahi-qt4_1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-qt4_1-devel\", rpm:\"libavahi-qt4_1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-client3\", rpm:\"lib64avahi-client3~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-client3-devel\", rpm:\"lib64avahi-client3-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-common3\", rpm:\"lib64avahi-common3~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-common3-devel\", rpm:\"lib64avahi-common3-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-compat-howl0\", rpm:\"lib64avahi-compat-howl0~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-compat-howl0-devel\", rpm:\"lib64avahi-compat-howl0-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-compat-libdns_sd1\", rpm:\"lib64avahi-compat-libdns_sd1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-compat-libdns_sd1-devel\", rpm:\"lib64avahi-compat-libdns_sd1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-core4\", rpm:\"lib64avahi-core4~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-core4-devel\", rpm:\"lib64avahi-core4-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-glib1\", rpm:\"lib64avahi-glib1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-glib1-devel\", rpm:\"lib64avahi-glib1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-qt3_1\", rpm:\"lib64avahi-qt3_1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-qt3_1-devel\", rpm:\"lib64avahi-qt3_1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-qt4_1\", rpm:\"lib64avahi-qt4_1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-qt4_1-devel\", rpm:\"lib64avahi-qt4_1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Mandrake Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T11:48:20", "description": "The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.\nThis vulnerability is addressed in the following product release:\r\nAvahi, Avahi, 0.6.16", "edition": 3, "cvss3": {}, "published": "2006-12-31T05:00:00", "title": "CVE-2006-6870", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-6870"], "modified": "2011-03-08T02:47:00", "cpe": ["cpe:/a:avahi:avahi:0.6.12", "cpe:/a:avahi:avahi:0.6.14", "cpe:/a:avahi:avahi:0.6.7", "cpe:/a:avahi:avahi:0.6.8", "cpe:/a:avahi:avahi:0.6.13", "cpe:/a:avahi:avahi:0.6.15", "cpe:/a:avahi:avahi:0.6.11", "cpe:/a:avahi:avahi:0.6.10", "cpe:/a:avahi:avahi:0.6.9"], "id": "CVE-2006-6870", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6870", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:avahi:avahi:0.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:avahi:avahi:0.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:avahi:avahi:0.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:avahi:avahi:0.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:avahi:avahi:0.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:avahi:avahi:0.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:avahi:avahi:0.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:avahi:avahi:0.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:avahi:avahi:0.6.9:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-04-09T11:41:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "description": "Check for the Version of avahi", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:1361412562310830030", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830030", "type": "openvas", "title": "Mandriva Update for avahi MDKSA-2007:003 (avahi)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for avahi MDKSA-2007:003 (avahi)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16\n allows remote attackers to cause a denial of service (infinite loop)\n via a crafted compressed DNS response with a label that points to\n itself.\n\n Updated packages are patched to address this issue.\";\n\ntag_affected = \"avahi on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-01/msg00005.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830030\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:53:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:003\");\n script_cve_id(\"CVE-2006-6870\");\n script_name( \"Mandriva Update for avahi MDKSA-2007:003 (avahi)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of avahi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"avahi-dnsconfd\", rpm:\"avahi-dnsconfd~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"avahi-python\", rpm:\"avahi-python~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"avahi-sharp\", rpm:\"avahi-sharp~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"avahi-x11\", rpm:\"avahi-x11~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-client3-devel\", rpm:\"libavahi-client3-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-common3-devel\", rpm:\"libavahi-common3-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-compat-howl0\", rpm:\"libavahi-compat-howl0~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-compat-howl0-devel\", rpm:\"libavahi-compat-howl0-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-compat-libdns_sd1\", rpm:\"libavahi-compat-libdns_sd1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-compat-libdns_sd1-devel\", rpm:\"libavahi-compat-libdns_sd1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-core4\", rpm:\"libavahi-core4~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-core4-devel\", rpm:\"libavahi-core4-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-glib1-devel\", rpm:\"libavahi-glib1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-qt3_1\", rpm:\"libavahi-qt3_1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-qt3_1-devel\", rpm:\"libavahi-qt3_1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-qt4_1\", rpm:\"libavahi-qt4_1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libavahi-qt4_1-devel\", rpm:\"libavahi-qt4_1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-client3\", rpm:\"lib64avahi-client3~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-client3-devel\", rpm:\"lib64avahi-client3-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-common3\", rpm:\"lib64avahi-common3~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-common3-devel\", rpm:\"lib64avahi-common3-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-compat-howl0\", rpm:\"lib64avahi-compat-howl0~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-compat-howl0-devel\", rpm:\"lib64avahi-compat-howl0-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-compat-libdns_sd1\", rpm:\"lib64avahi-compat-libdns_sd1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-compat-libdns_sd1-devel\", rpm:\"lib64avahi-compat-libdns_sd1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-core4\", rpm:\"lib64avahi-core4~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-core4-devel\", rpm:\"lib64avahi-core4-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-glib1\", rpm:\"lib64avahi-glib1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-glib1-devel\", rpm:\"lib64avahi-glib1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-qt3_1\", rpm:\"lib64avahi-qt3_1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-qt3_1-devel\", rpm:\"lib64avahi-qt3_1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-qt4_1\", rpm:\"lib64avahi-qt4_1~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64avahi-qt4_1-devel\", rpm:\"lib64avahi-qt4_1-devel~0.6.13~4.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "description": "Check for the Version of avahi", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861455", "href": "http://plugins.openvas.org/nasl.php?oid=861455", "type": "openvas", "title": "Fedora Update for avahi FEDORA-2007-019", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for avahi FEDORA-2007-019\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"avahi on Fedora Core 6\";\ntag_insight = \"Avahi is a system which facilitates service discovery on\n a local network -- this means that you can plug your laptop or\n computer into a network and instantly be able to view other people who\n you can chat with, find printers to print to or find files being\n shared. This kind of technology is already found in MacOS X (branded\n 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very\n convenient.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00074.html\");\n script_id(861455);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-019\");\n script_cve_id(\"CVE-2006-6870\");\n script_name( \"Fedora Update for avahi FEDORA-2007-019\");\n\n script_summary(\"Check for the Version of avahi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC6\")\n{\n\n if ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-compat-libdns_sd\", rpm:\"x86_64/avahi-compat-libdns_sd~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-qt3\", rpm:\"x86_64/avahi-qt3~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-glib\", rpm:\"x86_64/avahi-glib~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-compat-howl-devel\", rpm:\"x86_64/avahi-compat-howl-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-tools\", rpm:\"x86_64/avahi-tools~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-compat-howl\", rpm:\"x86_64/avahi-compat-howl~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-compat-libdns_sd-devel\", rpm:\"x86_64/avahi-compat-libdns_sd-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-devel\", rpm:\"x86_64/avahi-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-glib-devel\", rpm:\"x86_64/avahi-glib-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-qt3-devel\", rpm:\"x86_64/avahi-qt3-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/avahi-debuginfo\", rpm:\"x86_64/debug/avahi-debuginfo~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi\", rpm:\"x86_64/avahi~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-sharp\", rpm:\"x86_64/avahi-sharp~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-devel\", rpm:\"i386/avahi-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-glib\", rpm:\"i386/avahi-glib~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-compat-howl\", rpm:\"i386/avahi-compat-howl~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-sharp\", rpm:\"i386/avahi-sharp~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-tools\", rpm:\"i386/avahi-tools~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/avahi-debuginfo\", rpm:\"i386/debug/avahi-debuginfo~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-compat-libdns_sd-devel\", rpm:\"i386/avahi-compat-libdns_sd-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-compat-howl-devel\", rpm:\"i386/avahi-compat-howl-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-glib-devel\", rpm:\"i386/avahi-glib-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-qt3-devel\", rpm:\"i386/avahi-qt3-devel~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-qt3\", rpm:\"i386/avahi-qt3~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi\", rpm:\"i386/avahi~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-compat-libdns_sd\", rpm:\"i386/avahi-compat-libdns_sd~0.6.16~1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:28:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-402-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840023", "href": "http://plugins.openvas.org/nasl.php?oid=840023", "type": "openvas", "title": "Ubuntu Update for avahi vulnerability USN-402-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_402_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for avahi vulnerability USN-402-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was discovered in Avahi's handling of compressed DNS packets. If\n a specially crafted reply were received over the network, the Avahi\n daemon would go into an infinite loop, causing a denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-402-1\";\ntag_affected = \"avahi vulnerability on Ubuntu 5.10 ,\n Ubuntu 6.06 LTS ,\n Ubuntu 6.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-402-1/\");\n script_id(840023);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:55:18 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"402-1\");\n script_cve_id(\"CVE-2006-6870\");\n script_name( \"Ubuntu Update for avahi vulnerability USN-402-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"avahi-daemon\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avahi-dnsconfd\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avahi-utils\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-client-dev\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-client3\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-common-data\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-common-dev\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-common3\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-compat-howl-dev\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-compat-howl0\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-compat-libdnssd-dev\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-compat-libdnssd1\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-core-dev\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-core4\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-glib-dev\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-glib1\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt3-1\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt3-dev\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avahi-discover\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-cil\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"monodoc-avahi-manual\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.4-avahi\", ver:\"0.6.10-0ubuntu3.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"avahi-daemon\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avahi-dnsconfd\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avahi-utils\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-client-dev\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-client3\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-common-data\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-common-dev\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-common3\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-compat-howl-dev\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-compat-howl0\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-compat-libdnssd-dev\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-compat-libdnssd1\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-core-dev\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-core4\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-glib-dev\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-glib1\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt3-1\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt3-dev\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt4-1\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt4-dev\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avahi-discover\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python-avahi\", ver:\"0.6.13-2ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU5.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"avahi-daemon\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avahi-dnsconfd\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-client-dev\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-client1\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-common-dev\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-common0\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-core-dev\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-core1\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-glib-dev\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-glib0\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt3-0\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt3-dev\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt4-0\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-qt4-dev\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avahi-utils\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavahi-cil\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.4-avahi\", ver:\"0.5.2-1ubuntu1.4\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870", "CVE-2006-5461"], "description": "Check for the Version of avahi", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861059", "href": "http://plugins.openvas.org/nasl.php?oid=861059", "type": "openvas", "title": "Fedora Update for avahi FEDORA-2007-018", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for avahi FEDORA-2007-018\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"avahi on Fedora Core 5\";\ntag_insight = \"Avahi is a system which facilitates service discovery on\n a local network -- this means that you can plug your laptop or\n computer into a network and instantly be able to view other people who\n you can chat with, find printers to print to or find files being\n shared. This kind of technology is already found in MacOS X (branded\n 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very\n convenient.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00035.html\");\n script_id(861059);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-018\");\n script_cve_id(\"CVE-2006-6870\", \"CVE-2006-5461\");\n script_name( \"Fedora Update for avahi FEDORA-2007-018\");\n\n script_summary(\"Check for the Version of avahi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC5\")\n{\n\n if ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/avahi-debuginfo\", rpm:\"x86_64/debug/avahi-debuginfo~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-compat-howl\", rpm:\"x86_64/avahi-compat-howl~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-compat-libdns_sd-devel\", rpm:\"x86_64/avahi-compat-libdns_sd-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-tools\", rpm:\"x86_64/avahi-tools~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-glib\", rpm:\"x86_64/avahi-glib~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi\", rpm:\"x86_64/avahi~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-qt3\", rpm:\"x86_64/avahi-qt3~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-qt3-devel\", rpm:\"x86_64/avahi-qt3-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-devel\", rpm:\"x86_64/avahi-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-compat-libdns_sd\", rpm:\"x86_64/avahi-compat-libdns_sd~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-sharp\", rpm:\"x86_64/avahi-sharp~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-compat-howl-devel\", rpm:\"x86_64/avahi-compat-howl-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/avahi-glib-devel\", rpm:\"x86_64/avahi-glib-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-sharp\", rpm:\"i386/avahi-sharp~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-compat-howl\", rpm:\"i386/avahi-compat-howl~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-compat-howl-devel\", rpm:\"i386/avahi-compat-howl-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-glib-devel\", rpm:\"i386/avahi-glib-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-tools\", rpm:\"i386/avahi-tools~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi\", rpm:\"i386/avahi~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-glib\", rpm:\"i386/avahi-glib~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-devel\", rpm:\"i386/avahi-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-qt3\", rpm:\"i386/avahi-qt3~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-compat-libdns_sd\", rpm:\"i386/avahi-compat-libdns_sd~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-qt3-devel\", rpm:\"i386/avahi-qt3-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/avahi-compat-libdns_sd-devel\", rpm:\"i386/avahi-compat-libdns_sd-devel~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/avahi-debuginfo\", rpm:\"i386/debug/avahi-debuginfo~0.6.11~3.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:27", "bulletinFamily": "software", "cvelist": ["CVE-2006-6870"], "description": "## Solution Description\nUpgrade to version 0.6.16 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor Specific News/Changelog Entry: http://www.avahi.org/ticket/84\n[Vendor Specific Advisory URL](http://fedoranews.org/cms/node/2362)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-402-1)\n[Secunia Advisory ID:23644](https://secuniaresearch.flexerasoftware.com/advisories/23644/)\n[Secunia Advisory ID:24995](https://secuniaresearch.flexerasoftware.com/advisories/24995/)\n[Secunia Advisory ID:23660](https://secuniaresearch.flexerasoftware.com/advisories/23660/)\n[Secunia Advisory ID:23673](https://secuniaresearch.flexerasoftware.com/advisories/23673/)\n[Secunia Advisory ID:23628](https://secuniaresearch.flexerasoftware.com/advisories/23628/)\n[Secunia Advisory ID:23782](https://secuniaresearch.flexerasoftware.com/advisories/23782/)\nOther Advisory URL: http://fedoranews.org/cms/node/2408\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:003\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2007_007_suse.html\nFrSIRT Advisory: ADV-2007-0071\n[CVE-2006-6870](https://vulners.com/cve/CVE-2006-6870)\nBugtraq ID: 21881\n", "edition": 1, "modified": "2006-12-11T07:18:59", "published": "2006-12-11T07:18:59", "href": "https://vulners.com/osvdb/OSVDB:31220", "id": "OSVDB:31220", "title": "Avahi dns.c consume_labels() Function Remote DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:20:47", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6870"], "description": "A flaw was discovered in Avahi's handling of compressed DNS packets. If \na specially crafted reply were received over the network, the Avahi \ndaemon would go into an infinite loop, causing a denial of service.", "edition": 6, "modified": "2007-01-05T00:00:00", "published": "2007-01-05T00:00:00", "id": "USN-402-1", "href": "https://ubuntu.com/security/notices/USN-402-1", "title": "Avahi vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:22", "bulletinFamily": "software", "cvelist": ["CVE-2006-6870"], "description": "Malcrafted DNS response causes endless loop.", "edition": 1, "modified": "2007-01-09T00:00:00", "published": "2007-01-09T00:00:00", "id": "SECURITYVULNS:VULN:7018", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7018", "title": "Avahi DNS response DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:20", "bulletinFamily": "software", "cvelist": ["CVE-2006-6870"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDKSA-2007:003\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : avahi\r\n Date : January 8, 2007\r\n Affected: 2007.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16\r\n allows remote attackers to cause a denial of service (infinite loop)\r\n via a crafted compressed DNS response with a label that points to\r\n itself.\r\n\r\n Updated packages are patched to address this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6870\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Mandriva Linux 2007.0:\r\n 3d85bef8519f2b3bc87fa4689c9f1c3c 2007.0/i586/avahi-0.6.13-4.2mdv2007.0.i586.rpm\r\n 4d3917128ec852b8f2bc87c5b5d8666a 2007.0/i586/avahi-dnsconfd-0.6.13-4.2mdv2007.0.i586.rpm\r\n 4edbbf9d64e96b142568b053f04c6616 2007.0/i586/avahi-python-0.6.13-4.2mdv2007.0.i586.rpm\r\n 4d712e30c2fbd4418f3fcf5b6d1b4c0c 2007.0/i586/avahi-sharp-0.6.13-4.2mdv2007.0.i586.rpm\r\n 880684acb045144595581fb339136930 2007.0/i586/avahi-x11-0.6.13-4.2mdv2007.0.i586.rpm\r\n 652be4f82f97c1524a6d0f2986b2cdeb 2007.0/i586/libavahi-client3-0.6.13-4.2mdv2007.0.i586.rpm\r\n 0cda97099767a99a24bfa7055ce2c841 2007.0/i586/libavahi-client3-devel-0.6.13-4.2mdv2007.0.i586.rpm\r\n aa8c01ebe391edb965ec3ef278601bb1 2007.0/i586/libavahi-common3-0.6.13-4.2mdv2007.0.i586.rpm\r\n 23fec0b43f0d2f287023cc8262034488 2007.0/i586/libavahi-common3-devel-0.6.13-4.2mdv2007.0.i586.rpm\r\n 0bf0ec7072425a530a426b117d625845 2007.0/i586/libavahi-compat-howl0-0.6.13-4.2mdv2007.0.i586.rpm\r\n 2d4aca55b435b5b586c8157bd00e298c 2007.0/i586/libavahi-compat-howl0-devel-0.6.13-4.2mdv2007.0.i586.rpm\r\n 491e90b47e58faa7f1136756c2eb56b1 2007.0/i586/libavahi-compat-libdns_sd1-0.6.13-4.2mdv2007.0.i586.rpm\r\n 821a9132a8b03b05a5efab32be3addd5 2007.0/i586/libavahi-compat-libdns_sd1-devel-0.6.13-4.2mdv2007.0.i586.rpm\r\n 7f602260a514a21a2211cabd22c1e6aa 2007.0/i586/libavahi-core4-0.6.13-4.2mdv2007.0.i586.rpm\r\n ffa377ad89f47e07112d94400698bbae 2007.0/i586/libavahi-core4-devel-0.6.13-4.2mdv2007.0.i586.rpm\r\n 01dc5e308f1e94f8fda051511ba470b1 2007.0/i586/libavahi-glib1-0.6.13-4.2mdv2007.0.i586.rpm\r\n 4a90fb91f7a5ff1ca36cbdb9375dd2b2 2007.0/i586/libavahi-glib1-devel-0.6.13-4.2mdv2007.0.i586.rpm\r\n 00e29620a63da300e1032c8f37c7837f 2007.0/i586/libavahi-qt3_1-0.6.13-4.2mdv2007.0.i586.rpm\r\n 01a5534cccae9a70a1ba915a38a82952 2007.0/i586/libavahi-qt3_1-devel-0.6.13-4.2mdv2007.0.i586.rpm\r\n acfec3f7a3d07f6dc07a449f4d1387a3 2007.0/i586/libavahi-qt4_1-0.6.13-4.2mdv2007.0.i586.rpm\r\n d1b583ff8eda500d3058da1138ab8407 2007.0/i586/libavahi-qt4_1-devel-0.6.13-4.2mdv2007.0.i586.rpm \r\n 40e5ad83bf3a3064c1bccf229a5c6bbf 2007.0/SRPMS/avahi-0.6.13-4.2mdv2007.0.src.rpm\r\n\r\n Mandriva Linux 2007.0/X86_64:\r\n 75a40fbced632bdc8babb3709f01f294 2007.0/x86_64/avahi-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n e17b41b7649c696a747ec06b430e688a 2007.0/x86_64/avahi-dnsconfd-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 6186acf41ae8f0466158c9baeb46b688 2007.0/x86_64/avahi-python-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n a810ca0d5eefc79882a2922c4d2b1819 2007.0/x86_64/avahi-sharp-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n ad25b467a05edd773045c4710dfe3802 2007.0/x86_64/avahi-x11-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 8ca2ef2791379beec855af78a4c9ddc6 2007.0/x86_64/lib64avahi-client3-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 45217f18c88ce547cb1a7376e97e3567 2007.0/x86_64/lib64avahi-client3-devel-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 453dbcd08a1fe2413e32cac3b5cb2f11 2007.0/x86_64/lib64avahi-common3-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n fadf1a660490adcf1c47f4ea3d42ba33 2007.0/x86_64/lib64avahi-common3-devel-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 4247e04c65d855d36e5273bed281b463 2007.0/x86_64/lib64avahi-compat-howl0-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n f0cb08bf33d91165d5298223de11f026 2007.0/x86_64/lib64avahi-compat-howl0-devel-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 6652bacf267ea46b4d06a6bed7d504b8 2007.0/x86_64/lib64avahi-compat-libdns_sd1-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 69600fd816780de31621c4b5e86a4644 2007.0/x86_64/lib64avahi-compat-libdns_sd1-devel-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 587258202393cd826826a94af80cbe17 2007.0/x86_64/lib64avahi-core4-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 9b048c8a6dfbc0c42bc088fa6983fe7b 2007.0/x86_64/lib64avahi-core4-devel-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 332e5e3e44ac035cef0d03b26b5d1d6c 2007.0/x86_64/lib64avahi-glib1-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n cfeda3f7394c4cd28074cc393cdb140d 2007.0/x86_64/lib64avahi-glib1-devel-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n b95bec83a950e8ac19ab9d10b24052cd 2007.0/x86_64/lib64avahi-qt3_1-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n be3469df6e708ee450de14911c60d617 2007.0/x86_64/lib64avahi-qt3_1-devel-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 1ccbdfd8ca4f491ef0463da7681ad502 2007.0/x86_64/lib64avahi-qt4_1-0.6.13-4.2mdv2007.0.x86_64.rpm\r\n 871d9ba7088fb9eb9140d80c4de8bd62 2007.0/x86_64/lib64avahi-qt4_1-devel-0.6.13-4.2mdv2007.0.x86_64.rpm \r\n 40e5ad83bf3a3064c1bccf229a5c6bbf 2007.0/SRPMS/avahi-0.6.13-4.2mdv2007.0.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 (GNU/Linux)\r\n\r\niD8DBQFFopVamqjQ0CJFipgRArOeAJ4yZxJt1MHArdrYfFh7QnVxcbLIxQCgrn5t\r\nEPbDKc7LyTDcaHap7saFt+0=\r\n=WcNi\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2007-01-09T00:00:00", "published": "2007-01-09T00:00:00", "id": "SECURITYVULNS:DOC:15625", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:15625", "title": "[ MDKSA-2007:003 ] - Updated avahi packages fix DoS vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T11:51:39", "description": "The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16\nallows remote attackers to cause a denial of service (infinite loop)\nvia a crafted compressed DNS response with a label that points to\nitself.\n\nUpdated packages are patched to address this issue.", "edition": 24, "published": "2007-02-18T00:00:00", "title": "Mandrake Linux Security Advisory : avahi (MDKSA-2007:003)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "modified": "2007-02-18T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:avahi-python", "p-cpe:/a:mandriva:linux:libavahi-core4-devel", "p-cpe:/a:mandriva:linux:libavahi-compat-howl0-devel", "p-cpe:/a:mandriva:linux:lib64avahi-client3", "p-cpe:/a:mandriva:linux:lib64avahi-core4", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:lib64avahi-qt4_1-devel", "p-cpe:/a:mandriva:linux:lib64avahi-client3-devel", "p-cpe:/a:mandriva:linux:libavahi-common3", "p-cpe:/a:mandriva:linux:lib64avahi-compat-libdns_sd1-devel", "p-cpe:/a:mandriva:linux:libavahi-qt3_1-devel", "p-cpe:/a:mandriva:linux:lib64avahi-glib1", "p-cpe:/a:mandriva:linux:libavahi-compat-howl0", "p-cpe:/a:mandriva:linux:lib64avahi-common3", "p-cpe:/a:mandriva:linux:lib64avahi-qt3_1", "p-cpe:/a:mandriva:linux:libavahi-qt4_1", "p-cpe:/a:mandriva:linux:libavahi-compat-libdns_sd1", "p-cpe:/a:mandriva:linux:lib64avahi-compat-howl0", "p-cpe:/a:mandriva:linux:avahi-dnsconfd", "p-cpe:/a:mandriva:linux:libavahi-glib1", "p-cpe:/a:mandriva:linux:lib64avahi-qt3_1-devel", "p-cpe:/a:mandriva:linux:libavahi-client3-devel", "p-cpe:/a:mandriva:linux:lib64avahi-common3-devel", "p-cpe:/a:mandriva:linux:libavahi-compat-libdns_sd1-devel", "p-cpe:/a:mandriva:linux:libavahi-qt3_1", "p-cpe:/a:mandriva:linux:avahi", "p-cpe:/a:mandriva:linux:lib64avahi-core4-devel", "p-cpe:/a:mandriva:linux:lib64avahi-compat-howl0-devel", "p-cpe:/a:mandriva:linux:libavahi-glib1-devel", "p-cpe:/a:mandriva:linux:libavahi-common3-devel", "p-cpe:/a:mandriva:linux:lib64avahi-qt4_1", "p-cpe:/a:mandriva:linux:avahi-x11", "p-cpe:/a:mandriva:linux:libavahi-qt4_1-devel", "p-cpe:/a:mandriva:linux:libavahi-core4", "p-cpe:/a:mandriva:linux:lib64avahi-glib1-devel", "p-cpe:/a:mandriva:linux:avahi-sharp", "p-cpe:/a:mandriva:linux:lib64avahi-compat-libdns_sd1", "p-cpe:/a:mandriva:linux:libavahi-client3"], "id": "MANDRAKE_MDKSA-2007-003.NASL", "href": "https://www.tenable.com/plugins/nessus/24620", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:003. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24620);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-6870\");\n script_bugtraq_id(21881);\n script_xref(name:\"MDKSA\", value:\"2007:003\");\n\n script_name(english:\"Mandrake Linux Security Advisory : avahi (MDKSA-2007:003)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16\nallows remote attackers to cause a denial of service (infinite loop)\nvia a crafted compressed DNS response with a label that points to\nitself.\n\nUpdated packages are patched to address this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:avahi-dnsconfd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:avahi-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:avahi-sharp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:avahi-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-client3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-common3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-compat-howl0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-compat-howl0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-compat-libdns_sd1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-compat-libdns_sd1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-core4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-core4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-glib1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-qt3_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-qt3_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-qt4_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64avahi-qt4_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-client3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-common3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-compat-howl0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-compat-howl0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-compat-libdns_sd1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-compat-libdns_sd1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-core4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-core4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-glib1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-qt3_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-qt3_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-qt4_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libavahi-qt4_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"avahi-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"avahi-dnsconfd-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"avahi-python-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"avahi-sharp-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"avahi-x11-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-client3-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-client3-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-common3-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-common3-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-compat-howl0-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-compat-howl0-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-compat-libdns_sd1-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-compat-libdns_sd1-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-core4-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-core4-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-glib1-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-glib1-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-qt3_1-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-qt3_1-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-qt4_1-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64avahi-qt4_1-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-client3-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-client3-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-common3-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-common3-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-compat-howl0-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-compat-howl0-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-compat-libdns_sd1-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-compat-libdns_sd1-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-core4-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-core4-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-glib1-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-glib1-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-qt3_1-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-qt3_1-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-qt4_1-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libavahi-qt4_1-devel-0.6.13-4.2mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:02", "description": "This update shoul fix CVE-2006-6870 reported in #221440.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2007-01-17T00:00:00", "title": "Fedora Core 6 : avahi-0.6.16-1.fc6 (2007-019)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "modified": "2007-01-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:avahi-glib-devel", "p-cpe:/a:fedoraproject:fedora:avahi-debuginfo", "p-cpe:/a:fedoraproject:fedora:avahi-sharp", "cpe:/o:fedoraproject:fedora_core:6", "p-cpe:/a:fedoraproject:fedora:avahi-compat-howl-devel", "p-cpe:/a:fedoraproject:fedora:avahi", "p-cpe:/a:fedoraproject:fedora:avahi-qt3", "p-cpe:/a:fedoraproject:fedora:avahi-compat-howl", "p-cpe:/a:fedoraproject:fedora:avahi-qt3-devel", "p-cpe:/a:fedoraproject:fedora:avahi-compat-libdns_sd", "p-cpe:/a:fedoraproject:fedora:avahi-glib", "p-cpe:/a:fedoraproject:fedora:avahi-devel", "p-cpe:/a:fedoraproject:fedora:avahi-compat-libdns_sd-devel", "p-cpe:/a:fedoraproject:fedora:avahi-tools"], "id": "FEDORA_2007-019.NASL", "href": "https://www.tenable.com/plugins/nessus/24186", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-019.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24186);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2006-6870\");\n script_xref(name:\"FEDORA\", value:\"2007-019\");\n\n script_name(english:\"Fedora Core 6 : avahi-0.6.16-1.fc6 (2007-019)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update shoul fix CVE-2006-6870 reported in #221440.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-January/001249.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?90a20239\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-compat-howl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-compat-howl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-compat-libdns_sd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-compat-libdns_sd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-qt3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-qt3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-sharp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 6.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC6\", reference:\"avahi-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-compat-howl-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-compat-howl-devel-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-compat-libdns_sd-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-compat-libdns_sd-devel-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-debuginfo-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-devel-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-glib-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-glib-devel-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-qt3-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-qt3-devel-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-sharp-0.6.16-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"avahi-tools-0.6.16-1.fc6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi / avahi-compat-howl / avahi-compat-howl-devel / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:02", "description": "avahi-0.6.11-3.fc5 should fix CVE-2006-6870 - the consume_labels\nfunction in avahi-core/dns.c in Avahi before 0.6.16 allows remote\nattackers to cause a denial of service (infinite loop) via a crafted\ncompressed DNS response with a label that points to itself.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2007-01-17T00:00:00", "title": "Fedora Core 5 : avahi-0.6.11-3.fc5 (2007-018)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "modified": "2007-01-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:avahi-glib-devel", "p-cpe:/a:fedoraproject:fedora:avahi-debuginfo", "p-cpe:/a:fedoraproject:fedora:avahi-sharp", "p-cpe:/a:fedoraproject:fedora:avahi-compat-howl-devel", "p-cpe:/a:fedoraproject:fedora:avahi", "p-cpe:/a:fedoraproject:fedora:avahi-qt3", "cpe:/o:fedoraproject:fedora_core:5", "p-cpe:/a:fedoraproject:fedora:avahi-compat-howl", "p-cpe:/a:fedoraproject:fedora:avahi-qt3-devel", "p-cpe:/a:fedoraproject:fedora:avahi-compat-libdns_sd", "p-cpe:/a:fedoraproject:fedora:avahi-glib", "p-cpe:/a:fedoraproject:fedora:avahi-devel", "p-cpe:/a:fedoraproject:fedora:avahi-compat-libdns_sd-devel", "p-cpe:/a:fedoraproject:fedora:avahi-tools"], "id": "FEDORA_2007-018.NASL", "href": "https://www.tenable.com/plugins/nessus/24185", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-018.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24185);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2006-6870\");\n script_xref(name:\"FEDORA\", value:\"2007-018\");\n\n script_name(english:\"Fedora Core 5 : avahi-0.6.11-3.fc5 (2007-018)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"avahi-0.6.11-3.fc5 should fix CVE-2006-6870 - the consume_labels\nfunction in avahi-core/dns.c in Avahi before 0.6.16 allows remote\nattackers to cause a denial of service (infinite loop) via a crafted\ncompressed DNS response with a label that points to itself.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-January/001210.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f89f387\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-compat-howl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-compat-howl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-compat-libdns_sd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-compat-libdns_sd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-qt3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-qt3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-sharp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:avahi-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"avahi-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-compat-howl-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-compat-howl-devel-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-compat-libdns_sd-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-compat-libdns_sd-devel-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-debuginfo-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-devel-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-glib-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-glib-devel-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-qt3-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-qt3-devel-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-sharp-0.6.11-3.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"avahi-tools-0.6.11-3.fc5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi / avahi-compat-howl / avahi-compat-howl-devel / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:51:31", "description": "A flaw was discovered in Avahi's handling of compressed DNS packets.\nIf a specially crafted reply were received over the network, the Avahi\ndaemon would go into an infinite loop, causing a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.10 / 6.06 LTS / 6.10 : avahi vulnerability (USN-402-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libavahi-common-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core-dev", "p-cpe:/a:canonical:ubuntu_linux:avahi-dnsconfd", "p-cpe:/a:canonical:ubuntu_linux:libavahi-cil", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:avahi-discover", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common3", "p-cpe:/a:canonical:ubuntu_linux:libavahi-glib-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-qt3-0", "p-cpe:/a:canonical:ubuntu_linux:avahi-utils", "p-cpe:/a:canonical:ubuntu_linux:libavahi-glib0", "p-cpe:/a:canonical:ubuntu_linux:libavahi-qt3-1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-glib1", "p-cpe:/a:canonical:ubuntu_linux:avahi-daemon", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common0", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core4", "p-cpe:/a:canonical:ubuntu_linux:libavahi-core1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-howl-dev", "p-cpe:/a:canonical:ubuntu_linux:monodoc-avahi-manual", "p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-dev", "p-cpe:/a:canonical:ubuntu_linux:python2.4-avahi", "p-cpe:/a:canonical:ubuntu_linux:python-avahi", "p-cpe:/a:canonical:ubuntu_linux:libavahi-client-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-client1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-howl0", "cpe:/o:canonical:ubuntu_linux:5.10", "p-cpe:/a:canonical:ubuntu_linux:libavahi-client3", "p-cpe:/a:canonical:ubuntu_linux:libavahi-common-data", "p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-0", "p-cpe:/a:canonical:ubuntu_linux:libavahi-qt3-dev", "p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-1", "p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-402-1.NASL", "href": "https://www.tenable.com/plugins/nessus/27990", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-402-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27990);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:33:01\");\n\n script_cve_id(\"CVE-2006-6870\");\n script_bugtraq_id(21881);\n script_xref(name:\"USN\", value:\"402-1\");\n\n script_name(english:\"Ubuntu 5.10 / 6.06 LTS / 6.10 : avahi vulnerability (USN-402-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in Avahi's handling of compressed DNS packets.\nIf a specially crafted reply were received over the network, the Avahi\ndaemon would go into an infinite loop, causing a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/402-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-discover\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-dnsconfd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avahi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-client-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-client1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-client3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-common3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-howl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-howl0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-compat-libdnssd1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-core4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-glib-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-glib0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-glib1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-qt3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-qt3-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-qt3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavahi-qt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:monodoc-avahi-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.10|6\\.06|6\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.10 / 6.06 / 6.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.10\", pkgname:\"avahi-daemon\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"avahi-dnsconfd\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"avahi-utils\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-cil\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-client-dev\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-client1\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-common-dev\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-common0\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-core-dev\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-core1\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-glib-dev\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-glib0\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-qt3-0\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-qt3-dev\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-qt4-0\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libavahi-qt4-dev\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"python2.4-avahi\", pkgver:\"0.5.2-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avahi-daemon\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avahi-discover\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avahi-dnsconfd\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avahi-utils\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-cil\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-client-dev\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-client3\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-common-data\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-common-dev\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-common3\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-compat-howl-dev\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-compat-howl0\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-compat-libdnssd-dev\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-compat-libdnssd1\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-core-dev\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-core4\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-glib-dev\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-glib1\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-qt3-1\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libavahi-qt3-dev\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"monodoc-avahi-manual\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-avahi\", pkgver:\"0.6.10-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"avahi-daemon\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"avahi-discover\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"avahi-dnsconfd\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"avahi-utils\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-client-dev\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-client3\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-common-data\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-common-dev\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-common3\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-compat-howl-dev\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-compat-howl0\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-compat-libdnssd-dev\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-compat-libdnssd1\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-core-dev\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-core4\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-glib-dev\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-glib1\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-qt3-1\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-qt3-dev\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-qt4-1\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libavahi-qt4-dev\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"python-avahi\", pkgver:\"0.6.13-2ubuntu2.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi-daemon / avahi-discover / avahi-dnsconfd / avahi-utils / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:43:19", "description": "This update fixes a remote denial of service problem in avahi, where\nattackers could cause an endless loop. (CVE-2006-6870)", "edition": 23, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : avahi (ZYPP Patch Number 2986)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_AVAHI-2986.NASL", "href": "https://www.tenable.com/plugins/nessus/29382", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29382);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-6870\");\n\n script_name(english:\"SuSE 10 Security Update : avahi (ZYPP Patch Number 2986)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a remote denial of service problem in avahi, where\nattackers could cause an endless loop. (CVE-2006-6870)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-6870.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 2986.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"avahi-0.6.5-29.12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:43:19", "description": "This update fixes a remote denial of service problem in avahi, where\nattackers could cause an endless loop. (CVE-2006-6870)", "edition": 24, "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : avahi (avahi-2982)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6870"], "modified": "2007-10-17T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:avahi-devel", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:avahi"], "id": "SUSE_AVAHI-2982.NASL", "href": "https://www.tenable.com/plugins/nessus/27161", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update avahi-2982.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27161);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-6870\");\n\n script_name(english:\"openSUSE 10 Security Update : avahi (avahi-2982)\");\n script_summary(english:\"Check for the avahi-2982 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a remote denial of service problem in avahi, where\nattackers could cause an endless loop. (CVE-2006-6870)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected avahi packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:avahi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"avahi-0.6.5-29.12\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"avahi-devel-0.6.5-29.12\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"avahi-0.6.14-36\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"avahi-devel-0.6.14-36\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avahi\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6870"], "description": "Avahi is a system which facilitates service discovery on a local network -- this means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in MacOS X (branded 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very convenient. ", "modified": "2007-01-15T16:20:54", "published": "2007-01-15T16:20:54", "id": "FEDORA:L0FGKSHJ008073", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 6 Update: avahi-0.6.16-1.fc6", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5461", "CVE-2006-6870"], "description": "Avahi is a system which facilitates service discovery on a local network -- this means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in MacOS X (branded 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very convenient. ", "modified": "2007-01-07T19:20:13", "published": "2007-01-07T19:20:13", "id": "FEDORA:L07JKDSB009334", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 5 Update: avahi-0.6.11-3.fc5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}
