Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rosalinuxROSA LABROSA-SA-2021-1807
HistoryJul 02, 2021 - 4:32 p.m.

Advisory ROSA-SA-2021-1807

2021-07-0216:32:18
ROSA LAB
abf.rosalinux.ru
9

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Software: avahi 0.6.31
OS: Cobalt 7.9

CVE-ID: CVE-2021-26720
CVE-Crit: HIGH
CVE-DESC: avahi-daemon-check-dns.sh in the Debian avahi package prior to version 0.8-4 is executed as root user via /etc/network/if-up.d/avahi-daemon and allows a local attacker to cause a denial of service or create arbitrary empty files via a symbolic link attack on files in /run / avahi-daemon. NOTE: this only affects packaging for Debian GNU / Linux (indirectly used by SUSE), not the original Avahi product.
CVE-STATUS: default
CVE-REV: default

OSVersionArchitecturePackageVersionFilename
Cobaltanynoarchavahi< 0.6.31UNKNOWN

Related

nessus 7
openvas 6
prion 1
cvelist 1
cbl_mariner 2
nvd 1
cve 1
suse 2
debiancve 1
osv 2
ubuntucve 1
alpinelinux 1
debian 1
nessus
nessus
openSUSE Security Update : avahi (openSUSE-2021-370)
2021-03-05 00:00:00
CBL Mariner 2.0 Security Update: avahi (CVE-2021-26720)
2024-07-03 00:00:00
SUSE SLED15 / SLES15 Security Update : avahi (SUSE-SU-2021:0551-1)
2021-02-24 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:0551-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:0563-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for avahi (openSUSE-SU-2021:0370-1)
2021-04-16 00:00:00
prion
prion
Code injection
2021-02-17 22:15:00
cvelist
cvelist
CVE-2021-26720
2021-02-17 21:19:26
cbl_mariner
cbl_mariner
CVE-2021-26720 affecting package avahi for versions less than 0.8-1
2024-03-19 17:21:46
CVE-2021-26720 affecting package avahi for versions less than 0.8-1
2022-04-26 19:39:28
nvd
nvd
CVE-2021-26720
2021-02-17 22:15:12
cve
cve
CVE-2021-26720
2021-02-17 22:15:12
suse
suse
Security update for avahi (moderate)
2021-03-03 00:00:00
Security update for avahi (important)
2021-07-11 00:00:00
debiancve
debiancve
CVE-2021-26720
2021-02-17 22:15:12
osv
osv
CVE-2021-26720
2021-02-17 22:15:12
avahi - security update
2022-06-07 00:00:00
ubuntucve
ubuntucve
CVE-2021-26720
2021-02-17 00:00:00
alpinelinux
alpinelinux
CVE-2021-26720
2021-02-17 22:15:12
debian
debian
[SECURITY] [DLA 3047-1] avahi security update
2022-06-07 18:23:35

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for ROSA-SA-2021-1807
nessus7openvas6prion1cvelist1cbl_mariner2nvd1cve1suse2debiancve1osv2ubuntucve1alpinelinux1debian1