Lucene search

[email protected]CVE-2013-6051

HistoryDec 14, 2013 - 5:21 p.m.

CVE-2013-6051

2013-12-1417:21:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

quagga

cve-2013-6051

bgp_attr_unknown

denial of service

nvd

vulnerability

security

update

6.2 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

81.0%

JSON

The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not properly initialize the total variable, which allows remote attackers to cause a denial of service (bgpd crash) via a crafted BGP update.

CPENameOperatorVersion
quagga:quaggaquaggaeq0.99.21

CPE	Name	Operator	Version
quagga:quagga	quagga	eq	0.99.21

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=730513

git.savannah.gnu.org/gitweb/?p=quagga.git%3Ba=commitdiff%3Bh=8794e8d229dc9fe29ea31424883433d4880ef408

www.debian.org/security/2013/dsa-2803

6.2 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

81.0%

JSON

Related for CVE-2013-6051

openvas5 debiancve1 nessus4 ubuntucve1 prion1 fedora1 amazon1 securityvulns2 osv1 debian1