SuSE 10 Security Update : avahi (ZYPP Patch Number 2216)

This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

Avahi did not check that the received netlink messages originated from
the kernel. This could be used by local attackers to inject packets
into avahi which could be used to inject bad netlink messages into
Avahi, confusing its routing code or worse. (CVE-2006-5461)

See also :

http://support.novell.com/security/cve/CVE-2006-5461.html

Solution :

Apply ZYPP patch number 2216.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 29381 ()

Bugtraq ID:

CVE ID: CVE-2006-5461

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now