ID 2748FDDE-3A3C-11DE-BBC5-00E0815B8DA8 Type freebsd Reporter FreeBSD Modified 2009-05-07T00:00:00
Description
Debian Security Team reports:
It was discovered that Quagga, an IP routing daemon, could
no longer process the Internet routing table due to broken
handling of multiple 4-byte AS numbers in an AS path. If such
a prefix is received, the BGP daemon crashes with an assert
failure leading to a denial of service.
{"id": "2748FDDE-3A3C-11DE-BBC5-00E0815B8DA8", "bulletinFamily": "unix", "title": "quagga -- Denial of Service", "description": "\nDebian Security Team reports:\n\nIt was discovered that Quagga, an IP routing daemon, could\n\t no longer process the Internet routing table due to broken\n\t handling of multiple 4-byte AS numbers in an AS path. If such\n\t a prefix is received, the BGP daemon crashes with an assert\n\t failure leading to a denial of service.\n\n", "published": "2009-05-04T00:00:00", "modified": "2009-05-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/2748fdde-3a3c-11de-bbc5-00e0815b8da8.html", "reporter": "FreeBSD", "references": ["http://lists.quagga.net/pipermail/quagga-dev/2009-April/006541.html"], "cvelist": ["CVE-2009-1572"], "type": "freebsd", "lastseen": "2018-08-31T01:15:27", "history": [{"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "quagga", "packageVersion": "0.99.11_3"}], "bulletinFamily": "unix", "cvelist": ["CVE-2009-1572"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "\nDebian Security Team reports:\n\nIt was discovered that Quagga, an IP routing daemon, could\n\t no longer process the Internet routing table due to broken\n\t handling of multiple 4-byte AS numbers in an AS path. If such\n\t a prefix is received, the BGP daemon crashes with an assert\n\t failure leading to a denial of service.\n\n", "edition": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "c29a5975f90241e618bd80b60b516c5c9eab68cde09cfcefe489878497e74045", "hashmap": [{"hash": "7290fbf500fb766b9960c84932b7915b", "key": "modified"}, {"hash": "9ac814b9277dac81ac376eb04772ad1c", "key": "title"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "86e75daa11ace8a292e384ec19073561", "key": "href"}, {"hash": "dc71bfda7efec5f7d23b36d2ab269fde", "key": "affectedPackage"}, {"hash": "16e98febfcff54224f618e7ef8b4121b", "key": "references"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "9557e332477e93da5a37ac1208bd9bc3", "key": "cvelist"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "f68be5338c2a0dd332cdd735452ff881", "key": "published"}, {"hash": "57e02561b3fafcf4aab59505cd0d95c2", "key": "description"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/2748fdde-3a3c-11de-bbc5-00e0815b8da8.html", "id": "2748FDDE-3A3C-11DE-BBC5-00E0815B8DA8", "lastseen": "2016-09-26T17:24:53", "modified": "2009-05-07T00:00:00", "objectVersion": "1.2", "published": "2009-05-04T00:00:00", "references": ["http://lists.quagga.net/pipermail/quagga-dev/2009-April/006541.html"], "reporter": "FreeBSD", "title": "quagga -- Denial of Service", "type": "freebsd", "viewCount": 0}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2016-09-26T17:24:53"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "quagga", "packageVersion": "0.99.11_3"}], "bulletinFamily": "unix", "cvelist": ["CVE-2009-1572"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "\nDebian Security Team reports:\n\nIt was discovered that Quagga, an IP routing daemon, could\n\t no longer process the Internet routing table due to broken\n\t handling of multiple 4-byte AS numbers in an AS path. If such\n\t a prefix is received, the BGP daemon crashes with an assert\n\t failure leading to a denial of service.\n\n", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2297723409fb54307efb3e5c977135de1de1bd099d8a322aea1692071019eaaa", "hashmap": [{"hash": "7290fbf500fb766b9960c84932b7915b", "key": "modified"}, {"hash": "9ac814b9277dac81ac376eb04772ad1c", "key": "title"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "86e75daa11ace8a292e384ec19073561", "key": "href"}, {"hash": "dc71bfda7efec5f7d23b36d2ab269fde", "key": "affectedPackage"}, {"hash": "16e98febfcff54224f618e7ef8b4121b", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "9557e332477e93da5a37ac1208bd9bc3", "key": "cvelist"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "f68be5338c2a0dd332cdd735452ff881", "key": "published"}, {"hash": "57e02561b3fafcf4aab59505cd0d95c2", "key": "description"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/2748fdde-3a3c-11de-bbc5-00e0815b8da8.html", "id": "2748FDDE-3A3C-11DE-BBC5-00E0815B8DA8", "lastseen": "2018-08-30T19:15:33", "modified": "2009-05-07T00:00:00", "objectVersion": "1.3", "published": "2009-05-04T00:00:00", "references": ["http://lists.quagga.net/pipermail/quagga-dev/2009-April/006541.html"], "reporter": "FreeBSD", "title": "quagga -- Denial of Service", "type": "freebsd", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:15:33"}], "edition": 3, "hashmap": [{"key": "affectedPackage", "hash": "dc71bfda7efec5f7d23b36d2ab269fde"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "9557e332477e93da5a37ac1208bd9bc3"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "57e02561b3fafcf4aab59505cd0d95c2"}, {"key": "href", "hash": "86e75daa11ace8a292e384ec19073561"}, {"key": "modified", "hash": "7290fbf500fb766b9960c84932b7915b"}, {"key": "published", "hash": "f68be5338c2a0dd332cdd735452ff881"}, {"key": "references", "hash": "16e98febfcff54224f618e7ef8b4121b"}, {"key": "reporter", "hash": "a3dc630729e463135f4e608954fa6e19"}, {"key": "title", "hash": "9ac814b9277dac81ac376eb04772ad1c"}, {"key": "type", "hash": "1527e888767cdce15d200b870b39cfd0"}], "hash": "c29a5975f90241e618bd80b60b516c5c9eab68cde09cfcefe489878497e74045", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "quagga", "packageVersion": "0.99.11_3"}]}
{"cve": [{"lastseen": "2017-08-17T11:14:20", "references": ["http://www.securitytracker.com/id?1022164", "http://www.ubuntu.com/usn/usn-775-1", "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311", "http://www.openwall.com/lists/oss-security/2009/05/01/1", "http://www.securityfocus.com/bid/34817", "http://www.debian.org/security/2009/dsa-1788", "http://www.openwall.com/lists/oss-security/2009/05/01/2", "http://thread.gmane.org/gmane.network.quagga.devel/6513", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109", "http://marc.info/?l=quagga-dev&m=123364779626078&w=2", "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"], "description": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.", "edition": 2, "reporter": "NVD", "published": "2009-05-06T13:30:00", "title": "CVE-2009-1572", "type": "cve", "enchantments": {"score": {"modified": "2017-08-17T11:14:20", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-1572"], "scanner": [], "modified": "2017-08-16T21:30:24", "cpe": ["cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.97.0"], "id": "CVE-2009-1572", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1572", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:51:05", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=499033", "http://www.nessus.org/u?84211efd"], "pluginID": "38862", "description": "The latest upstream version fixes serious assert crashing with ASN4's.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2009-05-22T00:00:00", "title": "Fedora 10 : quagga-0.99.12-1.fc10 (2009-5284)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2015-10-21T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:quagga"], "id": "FEDORA_2009-5284.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38862", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5284.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38862);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:50:37 $\");\n\n script_cve_id(\"CVE-2009-1572\");\n script_bugtraq_id(34817);\n script_xref(name:\"FEDORA\", value:\"2009-5284\");\n\n script_name(english:\"Fedora 10 : quagga-0.99.12-1.fc10 (2009-5284)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The latest upstream version fixes serious assert crashing with ASN4's.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=499033\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/023938.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84211efd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"quagga-0.99.12-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:57", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=500540"], "pluginID": "40119", "description": "This update fixes a remote denial of service bug in quagga that can be triggered via an AS path containing ASN elements whose string representation is longer than expected. (CVE-2009-1572)", "edition": 4, "reporter": "Tenable", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : quagga (quagga-866)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:quagga-devel", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:quagga"], "id": "SUSE_11_0_QUAGGA-090508.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40119", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update quagga-866.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40119);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:44:03 $\");\n\n script_cve_id(\"CVE-2009-1572\");\n\n script_name(english:\"openSUSE Security Update : quagga (quagga-866)\");\n script_summary(english:\"Check for the quagga-866 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a remote denial of service bug in quagga that can be\ntriggered via an AS path containing ASN elements whose string\nrepresentation is longer than expected. (CVE-2009-1572)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=500540\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"quagga-0.99.9-59.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"quagga-devel-0.99.9-59.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:07:37", "references": ["http://support.novell.com/security/cve/CVE-2009-1572.html"], "pluginID": "41299", "description": "This update fixes a remote denial of service bug in quagga that can be triggered via an AS path containing ASN elements whose string representation is longer than expected. (CVE-2009-1572)", "edition": 4, "reporter": "Tenable", "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : quagga (YOU Patch Number 12416)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2012-04-23T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12416.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41299", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41299);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2012/04/23 18:14:43 $\");\n\n script_cve_id(\"CVE-2009-1572\");\n\n script_name(english:\"SuSE9 Security Update : quagga (YOU Patch Number 12416)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a remote denial of service bug in quagga that can be\ntriggered via an AS path containing ASN elements whose string\nrepresentation is longer than expected. (CVE-2009-1572)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1572.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12416.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"quagga-0.99.7-11.8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-29T19:33:29", "references": ["https://usn.ubuntu.com/775-1/"], "pluginID": "38758", "description": "It was discovered that the BGP service in Quagga did not correctly handle certain AS paths containing 4-byte ASNs. An authenticated remote attacker could exploit this flaw to cause bgpd to abort, leading to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2009-05-13T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : quagga vulnerability (USN-775-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-11-28T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga-doc", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-775-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38758", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-775-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38758);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/28 22:47:45\");\n\n script_cve_id(\"CVE-2009-1572\");\n script_bugtraq_id(34817);\n script_xref(name:\"USN\", value:\"775-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : quagga vulnerability (USN-775-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the BGP service in Quagga did not correctly\nhandle certain AS paths containing 4-byte ASNs. An authenticated\nremote attacker could exploit this flaw to cause bgpd to abort,\nleading to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/775-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga and / or quagga-doc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"quagga\", pkgver:\"0.99.2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"quagga-doc\", pkgver:\"0.99.2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"quagga\", pkgver:\"0.99.9-2ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"quagga-doc\", pkgver:\"0.99.9-2ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"quagga\", pkgver:\"0.99.9-6ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"quagga-doc\", pkgver:\"0.99.9-6ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"quagga\", pkgver:\"0.99.11-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"quagga-doc\", pkgver:\"0.99.11-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-doc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:10", "references": ["http://support.novell.com/security/cve/CVE-2009-1572.html"], "pluginID": "41582", "description": "This update fixes a remote denial of service bug in quagga that can be triggered via an AS path containing ASN elements whose string representation is longer than expected. (CVE-2009-1572)", "edition": 4, "reporter": "Tenable", "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : quagga (ZYPP Patch Number 6240)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2012-05-17T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_QUAGGA-6240.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41582", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41582);\n script_version (\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2012/05/17 11:20:15 $\");\n\n script_cve_id(\"CVE-2009-1572\");\n\n script_name(english:\"SuSE 10 Security Update : quagga (ZYPP Patch Number 6240)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a remote denial of service bug in quagga that can be\ntriggered via an AS path containing ASN elements whose string\nrepresentation is longer than expected. (CVE-2009-1572)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1572.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6240.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"quagga-0.99.9-14.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"quagga-devel-0.99.9-14.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:48:57", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=500540"], "pluginID": "40303", "description": "This update fixes a remote denial of service bug in quagga that can be triggered via an AS path containing ASN elements whose string representation is longer than expected. (CVE-2009-1572)", "edition": 4, "reporter": "Tenable", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : quagga (quagga-866)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:quagga-devel", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:quagga"], "id": "SUSE_11_1_QUAGGA-090508.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40303", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update quagga-866.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40303);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:55:05 $\");\n\n script_cve_id(\"CVE-2009-1572\");\n\n script_name(english:\"openSUSE Security Update : quagga (quagga-866)\");\n script_summary(english:\"Check for the quagga-866 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a remote denial of service bug in quagga that can be\ntriggered via an AS path containing ASN elements whose string\nrepresentation is longer than expected. (CVE-2009-1572)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=500540\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"quagga-0.99.10-17.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"quagga-devel-0.99.10-17.30.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-11T12:51:44", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311", "https://www.debian.org/security/2009/dsa-1788"], "pluginID": "38690", "description": "It was discovered that Quagga, an IP routing daemon, could no longer process the Internet routing table due to broken handling of multiple 4-byte AS numbers in an AS path. If such a prefix is received, the BGP daemon crashes with an assert failure, leading to a denial of service.", "edition": 7, "reporter": "Tenable", "published": "2009-05-06T00:00:00", "title": "Debian DSA-1788-1 : quagga - improper assertion", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1788.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38690", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1788. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38690);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2009-1572\");\n script_xref(name:\"DSA\", value:\"1788\");\n\n script_name(english:\"Debian DSA-1788-1 : quagga - improper assertion\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga, an IP routing daemon, could no longer\nprocess the Internet routing table due to broken handling of multiple\n4-byte AS numbers in an AS path. If such a prefix is received, the BGP\ndaemon crashes with an assert failure, leading to a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1788\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga package.\n\nThe old stable distribution (etch) is not affected by this issue.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.99.10-1lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"quagga\", reference:\"0.99.10-1lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"quagga-doc\", reference:\"0.99.10-1lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:38:34", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=499033", "http://www.nessus.org/u?8719fc71"], "pluginID": "38863", "description": "The latest upstream version fixes serious assert crashing with ASN4's.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2009-05-22T00:00:00", "title": "Fedora 11 : quagga-0.99.12-1.fc11 (2009-5324)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2015-10-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-5324.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38863", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5324.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38863);\n script_version (\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:50:37 $\");\n\n script_cve_id(\"CVE-2009-1572\");\n script_xref(name:\"FEDORA\", value:\"2009-5324\");\n\n script_name(english:\"Fedora 11 : quagga-0.99.12-1.fc11 (2009-5324)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The latest upstream version fixes serious assert crashing with ASN4's.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=499033\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024008.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8719fc71\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"quagga-0.99.12-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:43:59", "references": ["http://support.novell.com/security/cve/CVE-2009-1572.html", "https://bugzilla.novell.com/show_bug.cgi?id=500540"], "pluginID": "41451", "description": "This update fixes a remote denial of service bug in quagga that can be triggered via an AS path containing ASN elements whose string representation is longer than expected. (CVE-2009-1572)", "edition": 4, "reporter": "Tenable", "published": "2009-09-24T00:00:00", "title": "SuSE 11 Security Update : quagga (SAT Patch Number 864)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2013-10-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:quagga", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_QUAGGA-090508.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41451", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41451);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:56:04 $\");\n\n script_cve_id(\"CVE-2009-1572\");\n\n script_name(english:\"SuSE 11 Security Update : quagga (SAT Patch Number 864)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a remote denial of service bug in quagga that can be\ntriggered via an AS path containing ASN elements whose string\nrepresentation is longer than expected. (CVE-2009-1572)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=500540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1572.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 864.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"quagga-0.99.10-17.17.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-17T02:49:27", "references": ["http://thread.gmane.org/gmane.network.quagga.devel/6513", "http://web.archive.org/web/20100629143625/http://www.quagga.net/download/attic/quagga-0.99.12.changelog.txt"], "pluginID": "59787", "description": "According to its self-reported version number, the installation of Quagga's BGP daemon listening on the remote host is affected by a denial of service vulnerability. The issue can be triggered via an AS path containing ASN elements whose string representation is longer than expected.", "edition": 7, "reporter": "Tenable", "published": "2012-06-29T00:00:00", "title": "Quagga < 0.99.12 BGPD Denial of Service Vulnerability", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Misc.", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_12.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=59787", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59787);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/15 20:50:23\");\n\n script_cve_id(\"CVE-2009-1572\");\n script_bugtraq_id(34817);\n\n script_name(english:\"Quagga < 0.99.12 BGPD Denial of Service Vulnerability\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga's BGP daemon listening on the remote host is affected by a\ndenial of service vulnerability. The issue can be triggered via an AS\npath containing ASN elements whose string representation is longer\nthan expected.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.12 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20100629143625/http://www.quagga.net/download/attic/quagga-0.99.12.changelog.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://thread.gmane.org/gmane.network.quagga.devel/6513\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.12\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-04-06T11:40:31", "references": [], "pluginID": "136141256231063951", "description": "The remote host is missing an update to quagga\nannounced via advisory MDVSA-2009:109.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-11T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:109 (quagga)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063951", "id": "OPENVAS:136141256231063951", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_109.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:109 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote\nattackers to cause a denial of service (crash) via an AS path\ncontaining ASN elements whose string representation is longer than\nexpected, which triggers an assert error (CVE-2009-1572).\n\nUpdated packages are available that bring Quagga to version 0.99.12\nwhich provides numerous bugfixes over the previous 0.99.9 version,\nand also corrects this issue.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:109\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory MDVSA-2009:109.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63951\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-11 20:24:31 +0200 (Mon, 11 May 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:109 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libquagga0\", rpm:\"libquagga0~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libquagga0-devel\", rpm:\"libquagga0-devel~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64quagga0\", rpm:\"lib64quagga0~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64quagga0-devel\", rpm:\"lib64quagga0-devel~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:09", "references": [], "pluginID": "63969", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-11T00:00:00", "title": "FreeBSD Ports: quagga", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2016-12-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63969", "id": "OPENVAS:63969", "sourceData": "#\n#VID 2748fdde-3a3c-11de-bbc5-00e0815b8da8\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 2748fdde-3a3c-11de-bbc5-00e0815b8da8\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: quagga\n\nCVE-2009-1572\nThe BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote\nattackers to cause a denial of service (crash) via an AS path\ncontaining ASN elements whose string representation is longer than\nexpected, which triggers an assert error.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://lists.quagga.net/pipermail/quagga-dev/2009-April/006541.html\nhttp://www.vuxml.org/freebsd/2748fdde-3a3c-11de-bbc5-00e0815b8da8.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(63969);\n script_version(\"$Revision: 4847 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-23 10:33:16 +0100 (Fri, 23 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-11 20:24:31 +0200 (Mon, 11 May 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_bugtraq_id(34656);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: quagga\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.11_3\")<0) {\n txt += 'Package quagga version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:41", "references": [], "pluginID": "136141256231065423", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n quagga\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5051655 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for quagga", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065423", "id": "OPENVAS:136141256231065423", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5051655.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for quagga\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n quagga\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5051655 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65423\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for quagga\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.7~11.8\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:21", "references": [], "pluginID": "65423", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n quagga\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5051655 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SLES9: Security update for quagga", "type": "openvas", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65423", "id": "OPENVAS:65423", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5051655.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for quagga\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n quagga\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5051655 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65423);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for quagga\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.7~11.8\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:11", "references": [], "pluginID": "63951", "description": "The remote host is missing an update to quagga\nannounced via advisory MDVSA-2009:109.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Mandrake Security Advisory MDVSA-2009:109 (quagga)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63951", "id": "OPENVAS:63951", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_109.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:109 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote\nattackers to cause a denial of service (crash) via an AS path\ncontaining ASN elements whose string representation is longer than\nexpected, which triggers an assert error (CVE-2009-1572).\n\nUpdated packages are available that bring Quagga to version 0.99.12\nwhich provides numerous bugfixes over the previous 0.99.9 version,\nand also corrects this issue.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:109\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory MDVSA-2009:109.\";\n\n \n\nif(description)\n{\n script_id(63951);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-11 20:24:31 +0200 (Mon, 11 May 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:109 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libquagga0\", rpm:\"libquagga0~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libquagga0-devel\", rpm:\"libquagga0-devel~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64quagga0\", rpm:\"lib64quagga0~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64quagga0-devel\", rpm:\"lib64quagga0-devel~0.99.12~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:33", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=499033"], "pluginID": "136141256231064030", "description": "The remote host is missing an update to quagga\nannounced via advisory FEDORA-2009-5284.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-25T00:00:00", "title": "Fedora Core 10 FEDORA-2009-5284 (quagga)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064030", "id": "OPENVAS:136141256231064030", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5284.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5284 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThe latest upstream version fixes serious assert crashing with ASN4's.\nChangeLog:\n\n* Wed May 20 2009 Jiri Skala - 0.99.12-1\n- update to latest upstream version\n- fix #499960 - BGPd in Quagga prior to 0.99.12 has a serious assert problem crashing with ASN4's\n* Mon May 4 2009 Jiri Skala - 0.99.10-3\n- fixes #498832 - bgpd crashes on as paths containing more 6 digit as numbers\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update quagga' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5284\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory FEDORA-2009-5284.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64030\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-5284 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=499033\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.12~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.12~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.12~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.12~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:47", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=499033"], "pluginID": "136141256231064031", "description": "The remote host is missing an update to quagga\nannounced via advisory FEDORA-2009-5324.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-25T00:00:00", "title": "Fedora Core 11 FEDORA-2009-5324 (quagga)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064031", "id": "OPENVAS:136141256231064031", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5324.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5324 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThe latest upstream version fixes serious assert crashing with ASN4's.\nChangeLog:\n\n* Wed May 20 2009 Jiri Skala - 0.99.12-1\n- update to latest upstream version\n- fix #499960 - BGPd in Quagga prior to 0.99.12 has a serious assert problem crashing with ASN4's\n* Mon May 4 2009 Jiri Skala - 0:0.99.11-3\n- fixes #498832 - bgpd crashes on as paths containing more 6 digit as numbers\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update quagga' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5324\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory FEDORA-2009-5324.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64031\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-5324 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=499033\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.12~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.12~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.12~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.12~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:35", "references": [], "pluginID": "136141256231065862", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n quagga\n quagga-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for quagga", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065862", "id": "OPENVAS:136141256231065862", "sourceData": "#\n#VID slesp2-quagga-6240\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for quagga\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n quagga\n quagga-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65862\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES10: Security update for quagga\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.9~14.5\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.9~14.5\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:08", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=500540"], "pluginID": "136141256231065673", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n quagga\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-11T00:00:00", "title": "SLES11: Security update for quagga", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065673", "id": "OPENVAS:136141256231065673", "sourceData": "#\n#VID 002f521a14af9399ff450446f62551e0\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for quagga\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n quagga\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=500540\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65673\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-1572\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES11: Security update for quagga\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.10~17.17.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:50", "references": ["http://www.openwall.com/lists/oss-security/2009/05/01/2", "http://secunia.com/advisories/34999"], "pluginID": "800710", "description": "This host is installed with Quagga for Linux and is prone to\n Denial of Service Vulnerability.", "edition": 1, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-05-13T00:00:00", "title": "Quagga Denial of Service Vulnerability", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Denial of Service", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1572"], "modified": "2016-12-29T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=800710", "id": "OPENVAS:800710", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_quagga_dos_vuln.nasl 4869 2016-12-29 11:01:45Z teissa $\n#\n# Quagga Denial of Service Vulnerability\n#\n# Authors:\n# Sujit Ghosal <sghosal@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker crash the daemon by advertising\n specially crafted AS paths and cause denial of service.\n\n Impact level: Application\";\n\ntag_solution = \"Apply the security update with the patch 0.99.10-1lenny2 for stable versions.\n Apply the security update with the patch 0.99.11-2 for unstable versions.\n http://www.debian.org/security/2009/dsa-1788\n\n *****\n NOTE: Please ignore the warning if patch has been already applied.\n *****\";\n\ntag_affected = \"Quagga version 0.99.11 and prior\";\ntag_insight = \"This flaw is due to an assertion error in the BGP daemon while handling\n an AS path containing multiple 4 byte AS numbers.\";\ntag_summary = \"This host is installed with Quagga for Linux and is prone to\n Denial of Service Vulnerability.\";\n\nif(description)\n{\n script_id(800710);\n script_version(\"$Revision: 4869 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-29 12:01:45 +0100 (Thu, 29 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-13 10:01:19 +0200 (Wed, 13 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_bugtraq_id(34817);\n script_cve_id(\"CVE-2009-1572\");\n script_name(\"Quagga Denial of Service Vulnerability\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/34999\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2009/05/01/2\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_quagga_detect.nasl\");\n script_require_keys(\"Quagga/Ver\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"impact\" , value : tag_impact);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nquaggaVer = get_kb_item(\"Quagga/Ver\");\nif(quaggaVer == NULL){\n exit(0);\n}\n\n# Grep for Quagga version 0.99.11 and prior.\nif(version_is_less_equal(version:quaggaVer, test_version:\"0.99.11\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:17", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1572"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.99.9-2ubuntu1.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "quagga", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.99.9-6ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "quagga", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.99.2-1ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "quagga", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.99.11-1ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "quagga", "operator": "lt"}], "description": "It was discovered that the BGP service in Quagga did not correctly handle certain AS paths containing 4-byte ASNs. An authenticated remote attacker could exploit this flaw to cause bgpd to abort, leading to a denial of service.", "edition": 3, "reporter": "Ubuntu", "published": "2009-05-12T00:00:00", "title": "Quagga vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-1572"], "modified": "2009-05-12T00:00:00", "id": "USN-775-1", "href": "https://usn.ubuntu.com/775-1/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}
