Lucene search
Tenable700524.PRMHistoryApr 10, 2019 - 12:00 a.m.
Siemens RuggedCom Server < v2.13.0 Multiple Vulnerabilities
2019-04-1000:00:00
Tenable
www.tenable.com
8
The remote host has been identified as a RuggedCom server prior to v2.13.0, and is therefore affected by multiple vulnerabilities in the included Quagga package :
- The Quagga BGP daemon used to double-free memory when processing certain forms of UPDATE messages. This issue could be exploited by sending an optional/transitive UPDATE attribute that all conforming eBGP speakers should pass along. Consequently, a single UPDATE message could have affected many bgpd processes across a wide area of a network. Through this vulnerability, attackers could potentially have taken over control of affected bgpd processes remotely. (CVE-2018-5379)
- It was possible to overrun internal BGP code-to-string conversion tables in the Quagga BGP daemon. Configured peers could have exploited this issue and cause bgpd to emit debug and warning messages into the logs that would contained arbitrary bytes. (CVE-2018-5380)
- The Quagga BGP daemon could have entered an infinite loop if sent an invalid OPEN message by a configured peer. If this issue was exploited, then bgpd would cease to respond to any other events. BGP sessions would have been dropped and not be reestablished. The CLI interface would have been unresponsive. The bgpd daemon would have stayed in this state until restarted. (CVE-2018-5381)
Binary data 700524.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | ruggedcom_rugged_operating_system | cpe:/o:siemens:ruggedcom_rugged_operating_system |
Related
osv
osv
quagga - security update
2018-02-15 00:00:00
quagga - security update
2018-02-16 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2018-0133)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-4115-1)
2018-02-14 00:00:00
Fedora Update for quagga FEDORA-2018-b3e985489b
2018-03-14 00:00:00
mageia
mageia
Updated quagga packages fix security vulnerability
2018-02-22 22:49:44
nessus
nessus
Amazon Linux AMI : quagga (ALAS-2018-957)
2018-02-22 00:00:00
Fedora 27 : quagga (2018-9cd3ff3784)
2018-03-07 00:00:00
Debian DLA-1286-1 : quagga security update
2018-02-20 00:00:00
ics
ics
Siemens RUGGEDCOM ROX II
2019-04-09 12:00:00
amazon
amazon
Important: quagga
2018-02-20 21:26:00
debian
debian
[SECURITY] [DSA 4115-1] quagga security update
2018-02-15 22:25:18
[SECURITY] [DSA 4115-1] quagga security update
2018-02-15 22:25:18
[SECURITY] [DLA 1286-1] quagga security update
2018-02-16 22:32:14
f5
f5
cert
cert
Quagga bgpd is affected by multiple vulnerabilities
2018-02-15 00:00:00
gentoo
gentoo
Quagga: Multiple vulnerabilities
2018-04-22 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: quagga-1.2.2-2.fc26
2018-03-06 17:34:22
[SECURITY] Fedora 27 Update: quagga-1.2.2-2.fc27
2018-03-06 17:35:18
freebsd
freebsd
quagga -- several security issues
2018-01-31 00:00:00
ubuntu
ubuntu
Quagga vulnerabilities
2018-02-16 00:00:00
suse
suse
Security update for quagga (important)
2018-02-19 15:13:50
Security update for quagga (important)
2018-02-16 06:10:08
Security update for quagga (important)
2018-02-16 06:08:44
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
checkpoint_advisories
checkpoint_advisories
Quagga BGP Daemon bgp_update_receive Double Free (CVE-2018-5379)
2019-02-18 00:00:00
Quagga BGP Daemon bgp_capability_msg_parse Denial-of-Service (CVE-2018-5381)
2019-02-17 00:00:00
prion
prion
Double free
2018-02-19 13:29:00
Design/Logic Flaw
2018-02-19 13:29:00
Design/Logic Flaw
2018-02-19 13:29:00
redhatcve
redhatcve
oraclelinux
oraclelinux
quagga security update
2018-02-28 00:00:00
centos
centos
quagga security update
2018-03-10 11:52:43
redhat
redhat
(RHSA-2018:0377) Important: quagga security update
2018-02-28 16:24:10
rosalinux
rosalinux
Advisory ROSA-SA-2021-1960
2021-07-02 18:04:24
Related for 700524.PRM