Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:668534
HistorySep 26, 2011 - 12:00 a.m.

Multiple Quagga remote component vulnerabilities

2011-09-2600:00:00
www.kb.cert.org
9

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.303 Low

EPSS

Percentile

96.9%

JSON

Overview

Quagga contains five remote component vulnerabilities due to issues when handling BGP, OSPF, and OSPFv3 packets.

Description

CERT-FI reports:

_Quagga is an open source routing software that can handle various routing protocols such as RIP, BGP and OSPF. Five vulnerabilities have been found in the BGP, OSPF and OSPFv3 components of Quagga. The vulnerabilities allow an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified packets to an affected server. Routing messages are typically accepted from the routing peers. Exploiting these vulnerabilities may require an established routing session (BGP peering or OSPF/OSPFv3 adjacency) to the router.

The vulnerability CVE-2011-3327 is related to the extended communities handling in BGP messages. Receiving a malformed BGP update can result in a buffer overflow and disruption of IPv4 routing.

The vulnerability CVE-2011-3326 results from the handling of LSA (Link State Advertisement) states in the OSPF service. Receiving a modified Link State Update message with malicious state information can result in denial of service in IPv4 routing.

The vulnerability CVE-2011-3325 is a denial of service vulnerability related to Hello message handling by the OSPF service. As Hello messages are used to initiate adjacencies, exploiting the vulnerability may be feasible from the same broadcast domain without an established adjacency. A malformed packet may result in denial of service in IPv4 routing.

The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving modified Database Description and Link State Update messages, respectively, can result in denial of service in IPv6 routing._

Impact

An attacker could exploit these vulnerabilities to cause a denial-of-service crash or may execute arbitrary code on the affected server with the permissions of the Quagga software.

Solution

CERT-FI recommends:

Install either the latest version of Quagga (http://www.quagga.net/_) or a fixed version of the software provided by your operating system or application vendor.

The vulnerabilities can be remediated by restricting network access to the routing daemon. Exploiting four of the vulnerabilities require established routing sessions or adjacencies._

Vendor Information

Quagga before version 0.99.19

668534

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Debian GNU/Linux __ Affected

Notified: September 14, 2011 Updated: October 06, 2011

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

For the oldstable distribution (lenny), these problems have been fixed

in version 0.99.10-1lenny6.

For the stable distribution (squeeze), these problems have been fixed
in version 0.99.17-2+squeeze3.

For the testing distribution (wheezy) and the unstable distribution
(sid), these problems have been fixed in version 0.99.19-1.

We recommend that you upgrade your quagga packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <http://www.debian.org/security/&gt;

Red Hat, Inc. Affected

Notified: September 14, 2011 Updated: September 26, 2011

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Openwall GNU/*/Linux Not Affected

Notified: September 14, 2011 Updated: September 16, 2011

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Wind River Systems, Inc. Not Affected

Notified: September 14, 2011 Updated: September 22, 2011

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Apple Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Conectiva Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cray Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

DragonFly BSD Project Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

EMC Corporation Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Engarde Secure Linux Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

F5 Networks, Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fedora Project Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

FreeBSD Project Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fujitsu Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Gentoo Linux Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Google Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Hewlett-Packard Company Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Hitachi Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM Corporation Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM Corporation (zseries) Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM eServer Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Infoblox Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Juniper Networks, Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Mandriva S. A. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Microsoft Corporation Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NEC Corporation Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NetBSD Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nokia Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Novell, Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenBSD Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Oracle Corporation Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

QNX Software Systems Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SUSE Linux Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SafeNet Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Silicon Graphics, Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Slackware Linux Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sony Corporation Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sun Microsystems, Inc. Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

The SCO Group Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Turbolinux Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ubuntu Unknown

Notified: September 16, 2011 Updated: September 16, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Unisys Unknown

Notified: September 14, 2011 Updated: September 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

View all 42 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

<https://www.cert.fi/en/reports/2011/vulnerability539178.html&gt;

Acknowledgements

Thanks to Riku HietamΓ€ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project for reporting this vulnerability to CERT-FI.

This document was written by Michael Orlando.

Other Information

CVE IDs: CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, CVE-2011-3326, CVE-2011-3327
Severity Metric: 15.69 Date Public:

Related

suse 4
nessus 23
debian 1
openvas 28
fedora 5
osv 1
ubuntu 1
freebsd 1
securityvulns 2
veracode 9
redhat 2
centos 2
gentoo 1
oraclelinux 3
prion 5
cve 5
debiancve 5
ubuntucve 5
suse
suse
Security update for quagga (important)
2011-09-28 22:08:22
Security update for quagga (important)
2011-10-24 17:08:25
quagga: fixing multiple vulnerabilities (important)
2011-10-18 19:08:25
nessus
nessus
FreeBSD : quagga -- multiple vulnerabilities (ab9be2c8-ef91-11e0-ad5a-00215c6a37bb)
2011-10-06 00:00:00
openSUSE Security Update : quagga (openSUSE-SU-2011:1155-1)
2014-06-13 00:00:00
SuSE 10 Security Update : quagga (ZYPP Patch Number 7767)
2011-10-24 00:00:00
debian
debian
[SECURITY] [DSA 2316-1] quagga security update
2011-10-05 18:57:11
openvas
openvas
FreeBSD Ports: quagga
2011-10-16 00:00:00
Debian Security Advisory DSA 2316-1 (quagga)
2011-10-16 00:00:00
FreeBSD Ports: quagga
2011-10-16 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: quagga-0.99.20-2.fc16
2011-10-19 04:40:08
[SECURITY] Fedora 15 Update: quagga-0.99.20-2.fc15
2011-10-18 22:20:24
[SECURITY] Fedora 14 Update: quagga-0.99.20-2.fc14
2011-10-18 22:16:10
osv
osv
quagga - several
2011-10-05 00:00:00
ubuntu
ubuntu
Quagga vulnerabilities
2011-11-14 00:00:00
freebsd
freebsd
quagga -- multiple vulnerabilities
2011-09-26 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2316-1] quagga security update
2011-10-10 00:00:00
quagga route daemon multiple security vulnerabilities
2011-10-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:43:09
Denial Of Service (DoS)
2019-05-02 04:43:09
Denial Of Service (DoS)
2019-05-02 04:43:10
redhat
redhat
(RHSA-2012:1258) Moderate: quagga security update
2012-09-12 00:00:00
(RHSA-2012:1259) Moderate: quagga security update
2012-09-12 00:00:00
centos
centos
quagga security update
2012-09-12 21:45:33
quagga security update
2012-09-12 23:23:05
gentoo
gentoo
Quagga: Multiple vulnerabilities
2012-02-21 00:00:00
oraclelinux
oraclelinux
quagga security update
2012-09-12 00:00:00
quagga security update
2012-09-12 00:00:00
quagga security and bug fix update
2017-03-27 00:00:00
prion
prion
Out-of-bounds
2011-10-10 10:55:00
Heap overflow
2011-10-10 10:55:00
Design/Logic Flaw
2011-10-10 10:55:00
cve
cve
CVE-2011-3323
2011-10-10 10:55:00
CVE-2011-3325
2011-10-10 10:55:00
CVE-2011-3327
2011-10-10 10:55:00
debiancve
debiancve
CVE-2011-3323
2011-10-10 10:55:00
CVE-2011-3325
2011-10-10 10:55:00
CVE-2011-3324
2011-10-10 10:55:00
ubuntucve
ubuntucve
CVE-2011-3323
2011-10-10 00:00:00
CVE-2011-3325
2011-10-10 00:00:00
CVE-2011-3327
2011-10-10 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.303 Low

EPSS

Percentile

96.9%

JSON
Related for VU:668534
suse4nessus23debian1openvas28fedora5osv1ubuntu1freebsd1securityvulns2veracode9redhat2centos2gentoo1oraclelinux3prion5cve5debiancve5ubuntucve5