Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2012-070
HistoryApr 30, 2012 - 2:55 p.m.

Medium: quagga

2012-04-3014:55:00
alas.aws.amazon.com
13

3.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON

Issue Overview:

Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.

Affected Packages:

quagga

Issue Correction:
Run yum update quagga to update your system.

New Packages:

i686:  
    quagga-contrib-0.99.20.1-1.4.amzn1.i686  
    quagga-0.99.20.1-1.4.amzn1.i686  
    quagga-devel-0.99.20.1-1.4.amzn1.i686  
    quagga-debuginfo-0.99.20.1-1.4.amzn1.i686  
  
src:  
    quagga-0.99.20.1-1.4.amzn1.src  
  
x86_64:  
    quagga-contrib-0.99.20.1-1.4.amzn1.x86_64  
    quagga-devel-0.99.20.1-1.4.amzn1.x86_64  
    quagga-0.99.20.1-1.4.amzn1.x86_64  
    quagga-debuginfo-0.99.20.1-1.4.amzn1.x86_64

Additional References

Red Hat: CVE-2012-0250

Mitre: CVE-2012-0250

Related

prion 1
cve 1
openvas 24
nessus 21
debiancve 1
ubuntucve 1
fedora 3
osv 2
freebsd 1
cert 1
debian 1
ubuntu 1
gentoo 1
veracode 8
redhat 2
centos 2
securityvulns 1
oraclelinux 3
prion
prion
Buffer overflow
2012-04-05 13:25:00
cve
cve
CVE-2012-0250
2012-04-05 13:25:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2012-70)
2015-09-08 00:00:00
Fedora Update for quagga FEDORA-2012-5411
2012-04-23 00:00:00
FreeBSD Ports: quagga
2012-04-30 00:00:00
nessus
nessus
Amazon Linux AMI : quagga (ALAS-2012-70)
2013-09-04 00:00:00
Debian DSA-2459-2 : quagga - several vulnerabilities
2012-04-27 00:00:00
Quagga < 0.99.20.1 Multiple Vulnerabilities
2012-06-29 00:00:00
debiancve
debiancve
CVE-2012-0250
2012-04-05 13:25:00
ubuntucve
ubuntucve
CVE-2012-0250
2012-04-05 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: quagga-0.99.20.1-1.fc17
2012-04-20 03:07:24
[SECURITY] Fedora 16 Update: quagga-0.99.20.1-1.fc16
2012-04-22 03:43:44
[SECURITY] Fedora 15 Update: quagga-0.99.20.1-1.fc15
2012-04-22 03:48:42
osv
osv
quagga - several
2012-05-04 00:00:00
quagga - regression
2012-05-04 00:00:00
freebsd
freebsd
quagga -- multiple vulnerabilities
2012-03-23 00:00:00
cert
cert
Quagga contains multiple vulnerabilities
2012-03-23 00:00:00
debian
debian
[SECURITY] [DSA 2459-1] quagga security update
2012-04-26 05:56:28
ubuntu
ubuntu
Quagga vulnerabilities
2012-05-15 00:00:00
gentoo
gentoo
Quagga: Multiple vulnerabilities
2013-10-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:43:09
Denial Of Service (DoS)
2019-05-02 04:43:09
Denial Of Service (DoS)
2019-05-02 04:43:10
redhat
redhat
(RHSA-2012:1258) Moderate: quagga security update
2012-09-12 00:00:00
(RHSA-2012:1259) Moderate: quagga security update
2012-09-12 00:00:00
centos
centos
quagga security update
2012-09-12 21:45:33
quagga security update
2012-09-12 23:23:05
securityvulns
securityvulns
quagga route daemon multiple security vulnerabilities
2011-10-10 00:00:00
oraclelinux
oraclelinux
quagga security update
2012-09-12 00:00:00
quagga security update
2012-09-12 00:00:00
quagga security and bug fix update
2017-03-27 00:00:00

3.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON
Related for ALAS-2012-070
prion1cve1openvas24nessus21debiancve1ubuntucve1fedora3osv2freebsd1cert1debian1ubuntu1gentoo1veracode8redhat2centos2securityvulns1oraclelinux3