Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2459.NASL
HistoryApr 27, 2012 - 12:00 a.m.

Debian DSA-2459-2 : quagga - several vulnerabilities

2012-04-2700:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
JSON

Several vulnerabilities have been discovered in Quagga, a routing daemon.

  • CVE-2012-0249 A buffer overflow in the ospf_ls_upd_list_lsa function in the OSPFv2 implementation allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.

  • CVE-2012-0250 A buffer overflow in the OSPFv2 implementation allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.

  • CVE-2012-0255 The BGP implementation does not properly use message buffers for OPEN messages, which allows remote attackers impersonating a configured BGP peer to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed AS4 capability.

This security update upgrades the quagga package to the most recent upstream release. This release includes other corrections, such as hardening against unknown BGP path attributes.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2459. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(58883);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255");
  script_bugtraq_id(52531);
  script_xref(name:"DSA", value:"2459");

  script_name(english:"Debian DSA-2459-2 : quagga - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in Quagga, a routing
daemon.

  - CVE-2012-0249
    A buffer overflow in the ospf_ls_upd_list_lsa function
    in the OSPFv2 implementation allows remote attackers to
    cause a denial of service (assertion failure and daemon
    exit) via a Link State Update (aka LS Update) packet
    that is smaller than the length specified in its header.

  - CVE-2012-0250
    A buffer overflow in the OSPFv2 implementation allows
    remote attackers to cause a denial of service (daemon
    crash) via a Link State Update (aka LS Update) packet
    containing a network-LSA link-state advertisement for
    which the data-structure length is smaller than the
    value in the Length header field.

  - CVE-2012-0255
    The BGP implementation does not properly use message
    buffers for OPEN messages, which allows remote attackers
    impersonating a configured BGP peer to cause a denial of
    service (assertion failure and daemon exit) via a
    message associated with a malformed AS4 capability.

This security update upgrades the quagga package to the most recent
upstream release. This release includes other corrections, such as
hardening against unknown BGP path attributes."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2012-0249"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2012-0250"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2012-0255"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/quagga"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2012/dsa-2459"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the quagga packages.

For the stable distribution (squeeze), these problems have been fixed
in version 0.99.20.1-0+squeeze2."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:quagga");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/05/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"quagga", reference:"0.99.20.1-0+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"quagga-dbg", reference:"0.99.20.1-0+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"quagga-doc", reference:"0.99.20.1-0+squeeze2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxquaggap-cpe:/a:debian:debian_linux:quagga
debiandebian_linux6.0cpe:/o:debian:debian_linux:6.0

Related

ubuntu 1
openvas 26
osv 2
nessus 20
debian 1
cert 1
fedora 3
freebsd 1
gentoo 1
veracode 8
securityvulns 1
centos 2
redhat 2
cve 3
prion 3
ubuntucve 3
debiancve 3
amazon 1
oraclelinux 3
ubuntu
ubuntu
Quagga vulnerabilities
2012-05-15 00:00:00
openvas
openvas
Fedora Update for quagga FEDORA-2012-5352
2012-08-30 00:00:00
Ubuntu: Security Advisory (USN-1441-1)
2012-05-17 00:00:00
Ubuntu Update for quagga USN-1441-1
2012-05-17 00:00:00
osv
osv
quagga - regression
2012-05-04 00:00:00
quagga - several
2012-05-04 00:00:00
nessus
nessus
Fedora 17 : quagga-0.99.20.1-1.fc17 (2012-5352)
2012-04-20 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerabilities (USN-1441-1)
2012-05-16 00:00:00
Quagga < 0.99.20.1 Multiple Vulnerabilities
2012-06-29 00:00:00
debian
debian
[SECURITY] [DSA 2459-1] quagga security update
2012-04-26 05:56:28
cert
cert
Quagga contains multiple vulnerabilities
2012-03-23 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: quagga-0.99.20.1-1.fc17
2012-04-20 03:07:24
[SECURITY] Fedora 16 Update: quagga-0.99.20.1-1.fc16
2012-04-22 03:43:44
[SECURITY] Fedora 15 Update: quagga-0.99.20.1-1.fc15
2012-04-22 03:48:42
freebsd
freebsd
quagga -- multiple vulnerabilities
2012-03-23 00:00:00
gentoo
gentoo
Quagga: Multiple vulnerabilities
2013-10-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:43:10
Denial Of Service (DoS)
2019-05-02 04:43:12
Denial Of Service (DoS)
2019-05-02 04:43:12
securityvulns
securityvulns
quagga route daemon multiple security vulnerabilities
2011-10-10 00:00:00
centos
centos
quagga security update
2012-09-12 23:23:05
quagga security update
2012-09-12 21:45:33
redhat
redhat
(RHSA-2012:1259) Moderate: quagga security update
2012-09-12 00:00:00
(RHSA-2012:1258) Moderate: quagga security update
2012-09-12 00:00:00
cve
cve
CVE-2012-0249
2012-04-05 13:25:00
CVE-2012-0250
2012-04-05 13:25:00
CVE-2012-0255
2012-04-05 13:25:00
prion
prion
Buffer overflow
2012-04-05 13:25:00
Design/Logic Flaw
2012-04-05 13:25:00
Buffer overflow
2012-04-05 13:25:00
ubuntucve
ubuntucve
CVE-2012-0249
2012-04-05 00:00:00
CVE-2012-0250
2012-04-05 00:00:00
CVE-2012-0255
2012-04-05 00:00:00
debiancve
debiancve
CVE-2012-0250
2012-04-05 13:25:00
CVE-2012-0249
2012-04-05 13:25:00
CVE-2012-0255
2012-04-05 13:25:00
amazon
amazon
Medium: quagga
2012-04-30 14:55:00
oraclelinux
oraclelinux
quagga security update
2012-09-12 00:00:00
quagga security and bug fix update
2017-03-27 00:00:00
quagga security update
2012-09-12 00:00:00
JSON
Related for DEBIAN_DSA-2459.NASL
ubuntu1openvas26osv2nessus20debian1cert1fedora3freebsd1gentoo1veracode8securityvulns1centos2redhat2cve3prion3ubuntucve3debiancve3amazon1oraclelinux3