logo
DATABASE RESOURCES PRICING ABOUT US

quagga -- multiple vulnerabilities

Description

CERT reports: The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon aborts due to an assert) with a malformed OSPF LS-Update message. The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon crash) with a malformed OSPF Network- LSA message. The bgpd implementation of BGP in Quagga allows remote attackers to cause a denial of service (daemon aborts due to an assert) via BGP Open message with an invalid AS4 capability.


Affected Package


OS OS Version Package Name Package Version
FreeBSD any quagga 0.99.20.1
FreeBSD any quagga-re 0.99.17.8

Related