CVE-2006-5461

N/A Unknown

Published: November 14, 2006 Modified: April 23, 2026

Description

Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://avahi.org/milestone/Avahi%200.6.15

Source: secalert@redhat.com

http://secunia.com/advisories/22807

Source: secalert@redhat.com

Patch Vendor Advisory

http://secunia.com/advisories/22852

Source: secalert@redhat.com

Patch Vendor Advisory

http://secunia.com/advisories/22932

Source: secalert@redhat.com

http://secunia.com/advisories/23020

Source: secalert@redhat.com

http://secunia.com/advisories/23042

Source: secalert@redhat.com

http://securitytracker.com/id?1017257

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-200611-13.xml

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDKSA-2006:215

Source: secalert@redhat.com

http://www.novell.com/linux/security/advisories/2006_26_sr.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/21016

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2006/4474

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/30207

Source: secalert@redhat.com

https://tango.0pointer.de/pipermail/avahi-tickets/2006-November/000320.html

Source: secalert@redhat.com

https://usn.ubuntu.com/380-1/

Source: secalert@redhat.com

http://avahi.org/milestone/Avahi%200.6.15