CVE-2007-3372

Publication date 22 June 2007

Last updated 24 July 2024

Ubuntu priority

The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
avahi	8.10 intrepid	Fixed 0.6.20-2
	8.04 LTS hardy	Fixed 0.6.20-2
	7.10 gutsy	Fixed 0.6.20-2
	7.04 feisty	Ignored end of life, was needed
	6.10 edgy	Ignored end of life, was needed
	6.06 LTS dapper	Fixed 0.6.10-0ubuntu3.5

How can I get the fixes?
What do statuses mean?

Notes

kees

this is a local-user DoS

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-696-1
Avahi vulnerabilities
18 December 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2007-3372