{"id":"CVE-2017-6519","details":"avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive  information from the responding device via port-5353 UDP packets.  NOTE: this may overlap CVE-2015-2809.","modified":"2026-04-16T06:17:05.080367148Z","published":"2017-05-01T01:59:00.297Z","related":["openSUSE-SU-2024:10643-1"],"references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"},{"type":"ADVISORY","url":"https://github.com/lathiat/avahi/issues/203#issuecomment-449536790"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3876-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3876-2/"},{"type":"ADVISORY","url":"https://www.secfu.net/advisories"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1426712"},{"type":"EVIDENCE","url":"https://github.com/lathiat/avahi/issues/203"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/lathiat/avahi","events":[{"introduced":"0"},{"last_affected":"4f334990f692ce08ab4ea2eece695f1592f535b2"},{"introduced":"0"},{"last_affected":"6242e5f0fe001b7de2ccaa9431db279b2ee76b83"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.6.32"},{"introduced":"0"},{"last_affected":"0.7"}]}}],"versions":["0.6.32-rc","v0.6.23","v0.6.24","v0.6.25","v0.6.26","v0.6.27","v0.6.28","v0.6.29","v0.6.30","v0.6.31","v0.6.32","v0.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6519.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}