Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-11-14
Avahi before 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect) via unspecified mDNS name conflicts.
CVSS Score
3.6
EPSS Score
0.001
Published
2006-05-10
Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-05-10
Page 3