VDB
CVE-2006-6870
CVE-2006-6870
PUBLISHED
CVSS 5 MEDIUM
The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.
EPSS 5.93% · 90.8th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
5.93%
90.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| avahi | avahi | 0.6.15, 0.6.9, 0.6.7 |
| n/a | n/a | n/a |
Timeline
- Dec 31, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- http://www.securityfocus.com/bid/21881 technical
- http://www.ubuntu.com/usn/usn-402-1 technical
- 23673 third-party-advisory
- MDKSA-2007:003 vendor-advisory
- http://www.avahi.org/#December2006 url
- ADV-2007-0071 vdb
- 23644 third-party-advisory
- SUSE-SR:2007:007 vendor-advisory
- http://www.avahi.org/ticket/84 url
- FEDORA-2007-018 vendor-advisory
- 23660 third-party-advisory
- 24995 third-party-advisory
- http://www.avahi.org/changeset/1340 url
- FEDORA-2007-019 vendor-advisory
- 23628 third-party-advisory
- 23782 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2006-6870 advisory