7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.303 Low
EPSS
Percentile
96.9%
Quagga contains five remote component vulnerabilities due to issues when handling BGP, OSPF, and OSPFv3 packets.
CERT-FI reports:
_Quagga is an open source routing software that can handle various routing protocols such as RIP, BGP and OSPF. Five vulnerabilities have been found in the BGP, OSPF and OSPFv3 components of Quagga. The vulnerabilities allow an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified packets to an affected server. Routing messages are typically accepted from the routing peers. Exploiting these vulnerabilities may require an established routing session (BGP peering or OSPF/OSPFv3 adjacency) to the router.
The vulnerability CVE-2011-3327 is related to the extended communities handling in BGP messages. Receiving a malformed BGP update can result in a buffer overflow and disruption of IPv4 routing.
The vulnerability CVE-2011-3326 results from the handling of LSA (Link State Advertisement) states in the OSPF service. Receiving a modified Link State Update message with malicious state information can result in denial of service in IPv4 routing.
The vulnerability CVE-2011-3325 is a denial of service vulnerability related to Hello message handling by the OSPF service. As Hello messages are used to initiate adjacencies, exploiting the vulnerability may be feasible from the same broadcast domain without an established adjacency. A malformed packet may result in denial of service in IPv4 routing.
The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving modified Database Description and Link State Update messages, respectively, can result in denial of service in IPv6 routing._
An attacker could exploit these vulnerabilities to cause a denial-of-service crash or may execute arbitrary code on the affected server with the permissions of the Quagga software.
CERT-FI recommends:
Install either the latest version of Quagga (http://www.quagga.net/_) or a fixed version of the software provided by your operating system or application vendor.
The vulnerabilities can be remediated by restricting network access to the routing daemon. Exploiting four of the vulnerabilities require established routing sessions or adjacencies._
Quagga before version 0.99.19
668534
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: September 14, 2011 Updated: October 06, 2011
Affected
We have not received a statement from the vendor.
For the oldstable distribution (lenny), these problems have been fixed
in version 0.99.10-1lenny6.
For the stable distribution (squeeze), these problems have been fixed
in version 0.99.17-2+squeeze3.
For the testing distribution (wheezy) and the unstable distribution
(sid), these problems have been fixed in version 0.99.19-1.
We recommend that you upgrade your quagga packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <http://www.debian.org/security/>
Notified: September 14, 2011 Updated: September 26, 2011
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 16, 2011
Not Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 22, 2011
Not Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 16, 2011 Updated: September 16, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 14, 2011 Updated: September 14, 2011
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
View all 42 vendors __View less vendors __
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
<https://www.cert.fi/en/reports/2011/vulnerability539178.html>
Thanks to Riku HietamΓ€ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project for reporting this vulnerability to CERT-FI.
This document was written by Michael Orlando.
CVE IDs: | CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, CVE-2011-3326, CVE-2011-3327 |
---|---|
Severity Metric: | 15.69 Date Public: |