Upstream information
CVE-2006-6870 at MITRE
Description
The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
CVSS v2 Scores
| National Vulnerability Database |
Base Score | 5 |
Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Access Vector | Network |
Access Complexity | Low |
Authentication | None |
Confidentiality Impact | None |
Integrity Impact | None |
Availability Impact | Partial |
SUSE Bugzilla entry:
232050 [RESOLVED / FIXED]
SUSE Security Advisories:
List of released packages
Product(s) | Fixed package version(s) | References |
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4 | avahi-compat-howl-devel >= 0.6.23-11.32.1
avahi-compat-mDNSResponder-devel >= 0.6.23-11.32.1
libavahi-devel >= 0.6.23-11.32.1
libhowl0 >= 0.6.23-11.32.1
python-avahi >= 0.6.23-11.32.1
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA avahi-compat-howl-devel-0.6.23-11.32.1 |
SUSE Linux Enterprise Micro 6.0 | avahi >= 0.8-4.6
libavahi-client3 >= 0.8-4.6
libavahi-common3 >= 0.8-4.6
libavahi-core7 >= 0.8-4.6
| Patchnames: SUSE Linux Enterprise Micro 6.0 GA avahi-0.8-4.6 |
SUSE Linux Enterprise Server 11 SP1 | avahi >= 0.6.23-11.19.22
avahi-lang >= 0.6.23-11.19.22
avahi-utils >= 0.6.23-11.19.22
libavahi-client3 >= 0.6.23-11.19.22
libavahi-client3-32bit >= 0.6.23-11.19.22
libavahi-client3-x86 >= 0.6.23-11.19.22
libavahi-common3 >= 0.6.23-11.19.22
libavahi-common3-32bit >= 0.6.23-11.19.22
libavahi-common3-x86 >= 0.6.23-11.19.22
libavahi-core5 >= 0.6.23-11.19.22
libdns_sd >= 0.6.23-11.19.22
libdns_sd-32bit >= 0.6.23-11.19.22
libdns_sd-x86 >= 0.6.23-11.19.22
| Patchnames: SUSE Linux Enterprise Server 11 SP1 GA avahi-0.6.23-11.19.22 |
SUSE Linux Enterprise Server 11 SP2 | avahi >= 0.6.23-11.19.22
avahi-lang >= 0.6.23-11.19.22
avahi-utils >= 0.6.23-11.19.22
libavahi-client3 >= 0.6.23-11.19.22
libavahi-client3-32bit >= 0.6.23-11.19.22
libavahi-client3-x86 >= 0.6.23-11.19.22
libavahi-common3 >= 0.6.23-11.19.22
libavahi-common3-32bit >= 0.6.23-11.19.22
libavahi-common3-x86 >= 0.6.23-11.19.22
libavahi-core5 >= 0.6.23-11.19.22
libdns_sd >= 0.6.23-11.19.22
libdns_sd-32bit >= 0.6.23-11.19.22
libdns_sd-x86 >= 0.6.23-11.19.22
| Patchnames: SUSE Linux Enterprise Server 11 SP2 GA avahi-0.6.23-11.19.22 |
SUSE Linux Enterprise Server 11 SP3 | avahi >= 0.6.23-11.30.4
avahi-lang >= 0.6.23-11.30.4
avahi-utils >= 0.6.23-11.30.4
libavahi-client3 >= 0.6.23-11.30.4
libavahi-client3-32bit >= 0.6.23-11.30.4
libavahi-client3-x86 >= 0.6.23-11.30.4
libavahi-common3 >= 0.6.23-11.30.4
libavahi-common3-32bit >= 0.6.23-11.30.4
libavahi-common3-x86 >= 0.6.23-11.30.4
libavahi-core5 >= 0.6.23-11.30.4
libdns_sd >= 0.6.23-11.30.4
libdns_sd-32bit >= 0.6.23-11.30.4
libdns_sd-x86 >= 0.6.23-11.30.4
| Patchnames: SUSE Linux Enterprise Server 11 SP3 GA avahi-0.6.23-11.30.4 |
SUSE Linux Enterprise Server 11 SP4 | avahi >= 0.6.23-11.32.1
avahi-compat-howl-devel >= 0.6.23-11.32.1
avahi-compat-mDNSResponder-devel >= 0.6.23-11.32.1
avahi-lang >= 0.6.23-11.32.1
avahi-utils >= 0.6.23-11.32.1
libavahi-client3 >= 0.6.23-11.32.1
libavahi-client3-32bit >= 0.6.23-11.32.1
libavahi-client3-x86 >= 0.6.23-11.32.1
libavahi-common3 >= 0.6.23-11.32.1
libavahi-common3-32bit >= 0.6.23-11.32.1
libavahi-common3-x86 >= 0.6.23-11.32.1
libavahi-core5 >= 0.6.23-11.32.1
libavahi-devel >= 0.6.23-11.32.1
libdns_sd >= 0.6.23-11.32.1
libdns_sd-32bit >= 0.6.23-11.32.1
libdns_sd-x86 >= 0.6.23-11.32.1
libhowl0 >= 0.6.23-11.32.1
python-avahi >= 0.6.23-11.32.1
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA avahi-0.6.23-11.32.1 SUSE Linux Enterprise Software Development Kit 11 SP4 GA avahi-compat-howl-devel-0.6.23-11.32.1 |
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 05:21:34 2013
CVE page last modified: Sat Jun 15 20:48:27 2024