Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.25 views

CBL Mariner 2.0 Security Update: avahi (CVE-2021-26720)

The version of avahi installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-26720 advisory. - avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via...

7.8CVSS8AI score0.00395EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/06/08 12:0 a.m.35 views

Debian DLA-3047-1 : avahi - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3047 advisory. - avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cau...

7.8CVSS6.7AI score0.00453EPSS
Exploits0References8
Debian
Debian
added 2022/06/07 6:23 p.m.91 views

[SECURITY] [DLA 3047-1] avahi security update

Debian LTS Advisory DLA-3047-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 07, 2022 https://wiki.debian.org/LTS Package : avahi Version : 0.6.32-2+deb9u1 CVE ID : CVE-2021-3468 CVE-2021-26720 Debian Bug : 984938 It was discovered that the Debian package o...

7.8CVSS6.8AI score0.00453EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.33 views

openSUSE 15 Security Update : avahi (openSUSE-SU-2021:1845-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1845-1 advisory. - avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows...

7.8CVSS6.6AI score0.00453EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/07/13 12:0 a.m.19 views

openSUSE: Security Advisory for avahi (openSUSE-SU-2021:1845-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS6.3AI score0.00453EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/07/11 12:0 a.m.39 views

Security update for avahi (important)

openSUSE Security Update: Security update for avahi Announcement ID: openSUSE-SU-2021:1845-1 Rating: important References: 1180827 1184521 Cross-References: CVE-2021-26720 CVE-2021-3468 CVSS scores: CVE-2021-26720 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-26720 SUSE: 7.8...

7.8CVSS6.7AI score0.00453EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2021:1845-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.00453EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2021:0551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.00395EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/04 12:0 a.m.27 views

SUSE SLES15 Security Update : avahi (SUSE-SU-2021:1845-1)

This update for avahi fixes the following issues : CVE-2021-3468: avoid infinite loop by handling HUP event in clientwork bsc1184521. CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh bsc1180827 Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on...

7.8CVSS6.6AI score0.00453EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2021:0563-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.6AI score0.00395EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.20 views

openSUSE: Security Advisory for avahi (openSUSE-SU-2021:0370-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.8AI score0.00395EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/24 12:0 a.m.30 views

SUSE SLED15 / SLES15 Security Update : avahi (SUSE-SU-2021:0551-1)

This update for avahi fixes the following issues : CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh bsc1180827 Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on ifconfig, route, and init.d. Add sudo to requires: used to drop privileges. Note that...

7.8CVSS7.9AI score0.00395EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/02/24 12:0 a.m.34 views

SUSE SLES12 Security Update : avahi (SUSE-SU-2021:0563-1)

This update for avahi fixes the following issues : CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh bsc1180827 Add sudo to requires: used to drop privileges. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

7.8CVSS7.9AI score0.00395EPSS
Exploits0References4
OSV
OSV
added 2021/02/23 12:5 p.m.6 views

SUSE-SU-2021:0563-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh bsc1180827 - Add sudo to requires: used to drop privileges...

7.8CVSS7.5AI score0.00395EPSS
Exploits0References3
OSV
OSV
added 2021/02/23 8:32 a.m.6 views

SUSE-SU-2021:0551-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh bsc1180827 - Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on ifconfig, route, and init.d. - Add sudo to requires: used to drop privileges...

7.8CVSS7.6AI score0.00395EPSS
Exploits0References3
NVD
NVD
added 2021/02/17 10:15 p.m.15 views

CVE-2021-26720

avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects th...

7.8CVSS0.00395EPSS
Exploits0References10
OSV
OSV
added 2021/02/17 10:15 p.m.32 views

CVE-2021-26720

avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects th...

7.8CVSS6.7AI score0.00395EPSS
Exploits0References10
Cvelist
Cvelist
added 2021/02/17 9:19 p.m.44 views

CVE-2021-26720

avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects th...

7.6AI score0.00395EPSS
Exploits0References10
CVE
CVE
added 2021/02/17 9:19 p.m.236 views

CVE-2021-26720

CVE-2021-26720 affects the Debian avahi package (up to 0.8-4). The issue arises from avahi-daemon-check-dns.sh being executed with root privileges via /etc/network/if-up.d/avahi-daemon, enabling a local attacker to cause denial of service or create arbitrary empty files through a symlink attack o...

7.8CVSS7.2AI score0.00395EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2021/02/17 9:19 p.m.40 views

CVE-2021-26720

avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects th...

7.8CVSS8.1AI score0.00395EPSS
Exploits0
Rows per page
Query Builder