Lucene search

FreeBSD42A2C82A-75B9-11E1-89B4-001EC9578670

HistoryMar 23, 2012 - 12:00 a.m.

quagga -- multiple vulnerabilities

2012-03-2300:00:00

vuxml.freebsd.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.028 Low

EPSS

Percentile

90.5%

JSON

CERT reports:

The ospfd implementation of OSPF in Quagga allows a remote
attacker (on a local network segment with OSPF enabled) to cause
a denial of service (daemon aborts due to an assert) with a
malformed OSPF LS-Update message.
The ospfd implementation of OSPF in Quagga allows a remote
attacker (on a local network segment with OSPF enabled) to cause
a denial of service (daemon crash) with a malformed OSPF Network-
LSA message.
The bgpd implementation of BGP in Quagga allows remote attackers
to cause a denial of service (daemon aborts due to an assert) via
BGP Open message with an invalid AS4 capability.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchquagga< 0.99.20.1UNKNOWN
FreeBSDanynoarchquagga-re< 0.99.17.8UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	quagga	< 0.99.20.1	UNKNOWN
FreeBSD	any	noarch	quagga-re	< 0.99.17.8	UNKNOWN

References

www.kb.cert.org/vuls/id/551715

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.028 Low

EPSS

Percentile

90.5%

JSON

Related for 42A2C82A-75B9-11E1-89B4-001EC9578670