Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
<net-dns/avahi-0.6.10 is vulnerable to the following: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2289 Didn't notice this as I bumped the ebuild to 0.6.10
sparc and x86, please test and stable - thanks Does this run as root? If not, this is probably only B3
sparc stable.
all done on x86 as well ^.^
Thx Joshua, but please don't close security bugs. Time for GLSA decision. Impact is rather vague so I tend to vote NO.
SA 20022 http://secunia.com/advisories/20022 shows details on the impact. i think the buffer overflow comes from these lines of code : http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/avahi-core/rr.c?rev=1209&view=diff&r1=1209&r2=1208&p1=trunk/avahi-core/rr.c&p2=/trunk/avahi-core/rr.c Remote exec of code is serious, but in this case, the official advisory says it is hardly remotely exploitable. http://0pointer.de/cgi-bin/viewcvs.cgi/*checkout*/trunk/docs/NEWS?root=avahi "We do not consider either of them major security threats. " "The buffer overflow is hard to exploit remotely, only local users can become the 'avahi' user. In addition the user is trapped inside a chroot() environment (at least on Linux). " Concerning the DoS issue (exploitable from a local network only), it is also possible to DoS avahi with inconsistent data. So the DoS issue is not very serious as for me. I vote NO.
yet another no and closing. Of course, feel free to reopen if you disagree.
