CVE-2007-3372 — Avahi vulnerability

7 documents7 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 72.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Avahi Debian Avahi

Timeline

PublishedJun 22

Latest updateMay 1

Description

The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/avahi< avahi 0.6.20-2 (bookworm)

▶Debianavahi/avahi< 0.6.20-2+3

▶NVDavahi/avahi0.6.19

Patches

Patch: avahi.org ↗Patch: avahi.org ↗

🔴Vulnerability Details

GHSA

GHSA-w53f-m8p6-x7g6: The Avahi daemon in Avahi before 0↗2022-05-01

▶

OSV

CVE-2007-3372: The Avahi daemon in Avahi before 0↗2007-06-22

▶

📋Vendor Advisories

Ubuntu

Avahi vulnerabilities↗2008-12-18

▶

Red Hat

avahi: assert fail local DoS via D-Bus↗2007-06-22

▶

Debian

CVE-2007-3372: avahi - The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of se...↗2007

▶

💬Community

Bugzilla

CVE-2007-3372 avahi: assert fail local DoS via D-Bus↗2007-06-25

▶