The remote host is affected by the vulnerability described in GLSA-201310-08 (Quagga: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.
Impact :
A remote attacker may be able to cause arbitrary code execution or a Denial of Service condition.
Workaround :
There is no known workaround at this time.
{"id": "GENTOO_GLSA-201310-08.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "GLSA-201310-08 : Quagga: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201310-08 (Quagga: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker may be able to cause arbitrary code execution or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "published": "2013-10-11T00:00:00", "modified": "2021-01-06T00:00:00", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/70381", "reporter": "This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0249", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1820", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0255", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0250", "https://security.gentoo.org/glsa/201310-08"], "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236"], "immutableFields": [], "lastseen": "2021-08-19T12:52:27", "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2012-070", "ALAS-2012-090"]}, {"type": "centos", "idList": ["CESA-2012:1258", "CESA-2012:1259", "CESA-2017:0794"]}, {"type": "cert", "idList": ["VU:551715", "VU:962587"]}, {"type": "cve", "idList": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2459-1:6BDF4", "DEBIAN:DSA-2497-1:C0241", "DEBIAN:DSA-2803-1:52CB4"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-0249", "DEBIANCVE:CVE-2012-0250", "DEBIANCVE:CVE-2012-0255", "DEBIANCVE:CVE-2012-1820", "DEBIANCVE:CVE-2013-2236"]}, {"type": "fedora", "idList": ["FEDORA:2C9CC214AD", "FEDORA:339B620DE9", "FEDORA:520CC20C2F", "FEDORA:B7DAD209CA", "FEDORA:CF10E20C82", "FEDORA:DF7CB20842"]}, {"type": "freebsd", "idList": ["1E14D46F-AF1F-11E1-B242-00215AF774F0", "42A2C82A-75B9-11E1-89B4-001EC9578670"]}, {"type": "gentoo", "idList": ["GLSA-201310-08"]}, {"type": "mageia", "idList": ["MGASA-2013-0310"]}, {"type": "nessus", "idList": ["ALA_ALAS-2012-70.NASL", "ALA_ALAS-2012-90.NASL", "CENTOS_RHSA-2012-1258.NASL", "CENTOS_RHSA-2012-1259.NASL", "CENTOS_RHSA-2017-0794.NASL", "DEBIAN_DSA-2459.NASL", "DEBIAN_DSA-2497.NASL", "DEBIAN_DSA-2803.NASL", "FEDORA_2012-5352.NASL", "FEDORA_2012-5411.NASL", "FEDORA_2012-5436.NASL", "FEDORA_2012-9103.NASL", "FEDORA_2012-9116.NASL", "FEDORA_2012-9117.NASL", "FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL", "FREEBSD_PKG_42A2C82A75B911E189B4001EC9578670.NASL", "MANDRIVA_MDVSA-2013-122.NASL", "MANDRIVA_MDVSA-2013-254.NASL", "NEWSTART_CGSL_NS-SA-2019-0101_QUAGGA.NASL", "ORACLELINUX_ELSA-2012-1258.NASL", "ORACLELINUX_ELSA-2012-1259.NASL", "ORACLELINUX_ELSA-2017-0794.NASL", "QUAGGA_0_99_17.NASL", "QUAGGA_0_99_20_1.NASL", "QUAGGA_0_99_21.NASL", "QUAGGA_0_99_22_2.NASL", "REDHAT-RHSA-2012-1258.NASL", "REDHAT-RHSA-2012-1259.NASL", "REDHAT-RHSA-2017-0794.NASL", "SL_20120912_QUAGGA_ON_SL5_X.NASL", "SL_20120912_QUAGGA_ON_SL6_X.NASL", "SL_20170321_QUAGGA_ON_SL6_X.NASL", "SOLARIS11_QUAGGA_20120821.NASL", "SOLARIS11_QUAGGA_20140721.NASL", "SUSE_11_QUAGGA-120430.NASL", "SUSE_11_QUAGGA-130822.NASL", "SUSE_QUAGGA-8108.NASL", "UBUNTU_USN-1441-1.NASL", "UBUNTU_USN-1605-1.NASL", "UBUNTU_USN-2941-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120150", "OPENVAS:1361412562310120299", "OPENVAS:1361412562310121046", "OPENVAS:1361412562310123824", "OPENVAS:1361412562310123825", "OPENVAS:136141256231071263", "OPENVAS:136141256231071290", "OPENVAS:136141256231071476", "OPENVAS:136141256231071542", "OPENVAS:1361412562310841005", "OPENVAS:1361412562310841186", "OPENVAS:1361412562310842703", "OPENVAS:1361412562310864166", "OPENVAS:1361412562310864169", "OPENVAS:1361412562310864412", "OPENVAS:1361412562310864480", "OPENVAS:1361412562310864485", "OPENVAS:1361412562310864486", "OPENVAS:1361412562310870828", "OPENVAS:1361412562310870833", "OPENVAS:1361412562310871784", "OPENVAS:1361412562310881497", "OPENVAS:1361412562310881499", "OPENVAS:1361412562310892803", "OPENVAS:71263", "OPENVAS:71290", "OPENVAS:71476", "OPENVAS:71542", "OPENVAS:841005", "OPENVAS:841186", "OPENVAS:864166", "OPENVAS:864169", "OPENVAS:864412", "OPENVAS:864480", "OPENVAS:864485", "OPENVAS:864486", "OPENVAS:870828", "OPENVAS:870833", "OPENVAS:881497", "OPENVAS:881499", "OPENVAS:892803"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1258", "ELSA-2012-1259", "ELSA-2017-0794"]}, {"type": "osv", "idList": ["OSV:DSA-2459-1", "OSV:DSA-2459-2", "OSV:DSA-2497-1", "OSV:DSA-2803-1"]}, {"type": "redhat", "idList": ["RHSA-2012:1258", "RHSA-2012:1259", "RHSA-2017:0794"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30043", "SECURITYVULNS:VULN:11957", "SECURITYVULNS:VULN:13436"]}, {"type": "ubuntu", "idList": ["USN-1441-1", "USN-1605-1", "USN-2941-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-0249", "UB:CVE-2012-0250", "UB:CVE-2012-0255", "UB:CVE-2012-1820", "UB:CVE-2013-2236"]}]}, "score": {"value": 0.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2012-070"]}, {"type": "centos", "idList": ["CESA-2012:1258", "CESA-2012:1259"]}, {"type": "cert", "idList": ["VU:551715"]}, {"type": "cve", "idList": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2497-1:C0241"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-0249"]}, {"type": "fedora", "idList": ["FEDORA:DF7CB20842"]}, {"type": "freebsd", "idList": ["1E14D46F-AF1F-11E1-B242-00215AF774F0", "42A2C82A-75B9-11E1-89B4-001EC9578670"]}, {"type": "gentoo", "idList": ["GLSA-201310-08"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/GENTOO-LINUX-CVE-2012-0249/"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL", "QUAGGA_0_99_22_2.NASL", "SUSE_11_QUAGGA-130822.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120299", "OPENVAS:1361412562310870828", "OPENVAS:841186", "OPENVAS:864166", "OPENVAS:870828"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1258"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30043"]}, {"type": "ubuntu", "idList": ["USN-2941-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-2236"]}]}, "exploitation": null, "vulnersScore": 0.7}, "pluginID": "70381", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201310-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70381);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\", \"CVE-2013-2236\");\n script_bugtraq_id(52531, 53775, 60955);\n script_xref(name:\"GLSA\", value:\"201310-08\");\n\n script_name(english:\"GLSA-201310-08 : Quagga: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201310-08\n(Quagga: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Quagga. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to cause arbitrary code execution or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201310-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Quagga users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/quagga-0.99.22.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/quagga\", unaffected:make_list(\"ge 0.99.22.4\"), vulnerable:make_list(\"lt 0.99.22.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Quagga\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "cpe": ["p-cpe:/a:gentoo:linux:quagga", "cpe:/o:gentoo:linux"], "solution": "All Quagga users should upgrade to the latest version:\n # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/quagga-0.99.22.4'", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2013-10-10T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1660004461, "score": 1659821240}, "_internal": {"score_hash": "a5e970532786dd2bfb5532829b7a76d0"}}
{"openvas": [{"lastseen": "2019-05-29T18:36:31", "description": "Gentoo Linux Local Security Checks GLSA 201310-08", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201310-08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2013-2236"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121046", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121046", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201310-08.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121046\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:06 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201310-08\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201310-08\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\", \"CVE-2013-2236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201310-08\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-misc/quagga\", unaffected: make_list(\"ge 0.99.22.4\"), vulnerable: make_list(\"lt 0.99.22.4\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-04T11:20:55", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1441-1", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1441-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841005", "href": "http://plugins.openvas.org/nasl.php?oid=841005", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1441_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for quagga USN-1441-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga incorrectly handled Link State Update\n messages with invalid lengths. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0249,\n CVE-2012-0250)\n\n It was discovered that Quagga incorrectly handled messages with a malformed\n Four-octet AS Number Capability. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1441-1\";\ntag_affected = \"quagga on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1441-1/\");\n script_id(841005);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-17 10:32:32 +0530 (Thu, 17 May 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1441-1\");\n script_name(\"Ubuntu Update for quagga USN-1441-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:30", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2459-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71263", "href": "http://plugins.openvas.org/nasl.php?oid=71263", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2459_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2459-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\nA buffer overflow in the ospf_ls_upd_list_lsa function in the\nOSPFv2 implementation allows remote attackers to cause a\ndenial of service (assertion failure and daemon exit) via a\nLink State Update (aka LS Update) packet that is smaller than\nthe length specified in its header.\n\nCVE-2012-0250\nA buffer overflow in the OSPFv2 implementation allows remote\nattackers to cause a denial of service (daemon crash) via a\nLink State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the\ndata-structure length is smaller than the value in the Length\nheader field.\n\nCVE-2012-0255\nThe BGP implementation does not properly use message buffers\nfor OPEN messages, which allows remote attackers impersonating\na configured BGP peer to cause a denial of service (assertion\nfailure and daemon exit) via a message associated with a\nmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\nWe recommend that you upgrade your quagga packages.\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202459-1\";\n\nif(description)\n{\n script_id(71263);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:58:15 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2459-1 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:41", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5411", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864166", "href": "http://plugins.openvas.org/nasl.php?oid=864166", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n\n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n\n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\");\n script_id(864166);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:52:52 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5411\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5411\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:57:28", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5352", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864412", "href": "http://plugins.openvas.org/nasl.php?oid=864412", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5352\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\");\n script_id(864412);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:08:55 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5352\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5352\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:50", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-04-10T00:00:00", "id": "OPENVAS:71290", "href": "http://plugins.openvas.org/nasl.php?oid=71290", "sourceData": "#\n#VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n quagga\n quagga-re\n\nCVE-2012-0249\nBuffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c\nin the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1\nallows remote attackers to cause a denial of service (assertion\nfailure and daemon exit) via a Link State Update (aka LS Update)\npacket that is smaller than the length specified in its header.\nCVE-2012-0250\nBuffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\nCVE-2012-0255\nThe BGP implementation in bgpd in Quagga before 0.99.20.1 does not\nproperly use message buffers for OPEN messages, which allows remote\nattackers to cause a denial of service (assertion failure and daemon\nexit) via a message associated with a malformed Four-octet AS Number\nCapability (aka AS4 capability).\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kb.cert.org/vuls/id/551715\nhttp://www.vuxml.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71290);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 5912 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-10 11:01:51 +0200 (Mon, 10 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:26 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.8\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5411", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864166", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864166", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864166\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:52:52 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5411\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5411\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071290", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071290", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_quagga3.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71290\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:26 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n quagga\n quagga-re\n\nCVE-2012-0249\nBuffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c\nin the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1\nallows remote attackers to cause a denial of service (assertion\nfailure and daemon exit) via a Link State Update (aka LS Update)\npacket that is smaller than the length specified in its header.\nCVE-2012-0250\nBuffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\nCVE-2012-0255\nThe BGP implementation in bgpd in Quagga before 0.99.20.1 does not\nproperly use message buffers for OPEN messages, which allows remote\nattackers to cause a denial of service (assertion failure and daemon\nexit) via a message associated with a malformed Four-octet AS Number\nCapability (aka AS4 capability).\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/551715\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.8\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:24", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1441-1", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1441-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841005", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841005", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1441_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for quagga USN-1441-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1441-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841005\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-17 10:32:32 +0530 (Thu, 17 May 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1441-1\");\n script_name(\"Ubuntu Update for quagga USN-1441-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1441-1\");\n script_tag(name:\"affected\", value:\"quagga on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga incorrectly handled Link State Update\n messages with invalid lengths. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0249,\n CVE-2012-0250)\n\n It was discovered that Quagga incorrectly handled messages with a malformed\n Four-octet AS Number Capability. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5352", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864412", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864412", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5352\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864412\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:08:55 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5352\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5352\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2459-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071263", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071263", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2459_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2459-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71263\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:58:15 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2459-1 (quagga)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202459-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\nA buffer overflow in the ospf_ls_upd_list_lsa function in the\nOSPFv2 implementation allows remote attackers to cause a\ndenial of service (assertion failure and daemon exit) via a\nLink State Update (aka LS Update) packet that is smaller than\nthe length specified in its header.\n\nCVE-2012-0250\nA buffer overflow in the OSPFv2 implementation allows remote\nattackers to cause a denial of service (daemon crash) via a\nLink State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the\ndata-structure length is smaller than the value in the Length\nheader field.\n\nCVE-2012-0255\nThe BGP implementation does not properly use message buffers\nfor OPEN messages, which allows remote attackers impersonating\na configured BGP peer to cause a denial of service (assertion\nfailure and daemon exit) via a message associated with a\nmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your quagga packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:10", "description": "Oracle Linux Local Security Checks ELSA-2012-1259", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1259", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123824", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123824", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1259.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123824\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:02 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1259\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1259 - quagga security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1259\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1259.html\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:04", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1259-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:870828", "href": "http://plugins.openvas.org/nasl.php?oid=870828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1259-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00015.html\");\n script_id(870828);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:41:23 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1259-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1259-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:31", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1259 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:881497", "href": "http://plugins.openvas.org/nasl.php?oid=881497", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1259 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n \n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n \n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n \n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n \n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n \n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n \n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n \n Two flaws were found in the way the bgpd daemon processed certain BGP OPEN\n messages. A configured BGP peer could cause bgpd on a target system to\n abort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\n CVE-2012-1820)\n \n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\n CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\n CVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\n Taimisto of the Codenomicon CROSS project as the original reporters of\n CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\n CVE-2011-3326. The CERT/CC acknowle ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\");\n script_id(881497);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:48:27 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1259\");\n script_name(\"CentOS Update for quagga CESA-2012:1259 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1259-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1259-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870828\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:41:23 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1259-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1259-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"quagga on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1259 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881497", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881497", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1259 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881497\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:48:27 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1259\");\n script_name(\"CentOS Update for quagga CESA-2012:1259 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"quagga on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n\n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n\n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n\n Two flaws were found in the way the bgpd daemon processed certain BGP OPEN\n messages. A configured BGP peer could cause bgpd on a target system to\n abort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\n CVE-2012-1820)\n\n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. And the\n CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\n CVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\n Taimisto of the Codenomicon CROSS project as the original reporters of\n CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\n CVE-2011-3326. The CERT/CC acknowle ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:06:48", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:864169", "href": "http://plugins.openvas.org/nasl.php?oid=864169", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5436\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n\n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n\n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\");\n script_id(864169);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:01 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5436\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5436\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864169", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864169", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5436\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864169\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:01 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5436\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5436\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:06:40", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:864486", "href": "http://plugins.openvas.org/nasl.php?oid=864486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9103\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is free software that operates TCP/IP-based routing protocols. It takes\n a multi-server and multi-threaded approach to resolving the current complexity\n of the Internet.\n\n Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2,\n OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit; it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\");\n script_id(864486);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:25:17 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9103\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9103\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864486", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9103\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864486\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:25:17 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9103\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9103\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-08T12:56:56", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9116", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864480", "href": "http://plugins.openvas.org/nasl.php?oid=864480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9116\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is free software that operates TCP/IP-based routing protocols. It takes\n a multi-server and multi-threaded approach to resolving the current complexity\n of the Internet.\n\n Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2,\n OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit; it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\");\n script_id(864480);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:24:54 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9116\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9116\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:03:40", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-90)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120299", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120299\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:23:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-90)\");\n script_tag(name:\"insight\", value:\"The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.\");\n script_tag(name:\"solution\", value:\"Run yum update quagga to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-90.html\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2497-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071476", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071476", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2497_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2497-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71476\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:06:44 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2497-1 (quagga)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202497-1\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your quagga packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:50:36", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2497-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71476", "href": "http://plugins.openvas.org/nasl.php?oid=71476", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2497_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2497-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\nWe recommend that you upgrade your quagga packages.\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202497-1\";\n\nif(description)\n{\n script_id(71476);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:06:44 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2497-1 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:41", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-04-14T00:00:00", "id": "OPENVAS:71542", "href": "http://plugins.openvas.org/nasl.php?oid=71542", "sourceData": "#\n#VID 1e14d46f-af1f-11e1-b242-00215af774f0\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 1e14d46f-af1f-11e1-b242-00215af774f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n quagga\n quagga-re\n\nCVE-2012-1820\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kb.cert.org/vuls/id/962587\nhttp://www.vuxml.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71542);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 5956 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-14 11:02:12 +0200 (Fri, 14 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:17 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<=0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.10\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:21:08", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1605-1", "cvss3": {}, "published": "2012-10-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1605-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841186", "href": "http://plugins.openvas.org/nasl.php?oid=841186", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1605_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for quagga USN-1605-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga incorrectly handled certain malformed\n messages. A remote attacker could use this flaw to cause Quagga to crash,\n resulting in a denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1605-1\";\ntag_affected = \"quagga on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1605-1/\");\n script_id(841186);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-12 09:20:37 +0530 (Fri, 12 Oct 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1605-1\");\n script_name(\"Ubuntu Update for quagga USN-1605-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1605-1", "cvss3": {}, "published": "2012-10-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1605-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841186", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841186", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1605_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for quagga USN-1605-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1605-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841186\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-12 09:20:37 +0530 (Fri, 12 Oct 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1605-1\");\n script_name(\"Ubuntu Update for quagga USN-1605-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1605-1\");\n script_tag(name:\"affected\", value:\"quagga on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga incorrectly handled certain malformed\n messages. A remote attacker could use this flaw to cause Quagga to crash,\n resulting in a denial of service.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9116", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864480", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9116\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864480\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:24:54 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9116\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9116\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:01", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071542", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071542", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_quagga4.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 1e14d46f-af1f-11e1-b242-00215af774f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71542\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:17 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n quagga\n quagga-re\n\nCVE-2012-1820\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/962587\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<=0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.10\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T23:03:45", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-70)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120150", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120150", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120150\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:40 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-70)\");\n script_tag(name:\"insight\", value:\"Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.\");\n script_tag(name:\"solution\", value:\"Run yum update quagga to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-70.html\");\n script_cve_id(\"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:10", "description": "Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP\nrouting daemon:\n\nCVE-2013-2236\nA buffer overflow was found in the OSPF API-server (exporting the LSDB\nand allowing announcement of Opaque-LSAs).\n\nCVE-2013-6051\nbgpd could be crashed through BGP updates. This only affects Wheezy/stable.", "cvss3": {}, "published": "2013-11-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2803-1 (quagga - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6051", "CVE-2013-2236"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892803", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892803", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2803.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2803-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892803\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-2236\", \"CVE-2013-6051\");\n script_name(\"Debian Security Advisory DSA 2803-1 (quagga - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-26 00:00:00 +0100 (Tue, 26 Nov 2013)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2803.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"quagga on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 0.99.20.1-0+squeeze5.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 0.99.22.4-1+wheezy1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.99.22.4-1.\n\nWe recommend that you upgrade your quagga packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP\nrouting daemon:\n\nCVE-2013-2236\nA buffer overflow was found in the OSPF API-server (exporting the LSDB\nand allowing announcement of Opaque-LSAs).\n\nCVE-2013-6051\nbgpd could be crashed through BGP updates. This only affects Wheezy/stable.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-0+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.22.4-1+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.22.4-1+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.22.4-1+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:51:57", "description": "Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP\nrouting daemon:\n\nCVE-2013-2236 \nA buffer overflow was found in the OSPF API-server (exporting the LSDB\nand allowing announcement of Opaque-LSAs).\n\nCVE-2013-6051 \nbgpd could be crashed through BGP updates. This only affects Wheezy/stable.", "cvss3": {}, "published": "2013-11-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2803-1 (quagga - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6051", "CVE-2013-2236"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892803", "href": "http://plugins.openvas.org/nasl.php?oid=892803", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2803.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2803-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"quagga on Debian Linux\";\ntag_insight = \"GNU Quagga is free software which manages TCP/IP based routing protocols.\nIt supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, and RIPng as\nwell as the IPv6 versions of these.\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 0.99.20.1-0+squeeze5.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 0.99.22.4-1+wheezy1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.99.22.4-1.\n\nWe recommend that you upgrade your quagga packages.\";\ntag_summary = \"Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP\nrouting daemon:\n\nCVE-2013-2236 \nA buffer overflow was found in the OSPF API-server (exporting the LSDB\nand allowing announcement of Opaque-LSAs).\n\nCVE-2013-6051 \nbgpd could be crashed through BGP updates. This only affects Wheezy/stable.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892803);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-2236\", \"CVE-2013-6051\");\n script_name(\"Debian Security Advisory DSA 2803-1 (quagga - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-11-26 00:00:00 +0100 (Tue, 26 Nov 2013)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2803.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-0+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.22.4-1+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.22.4-1+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.22.4-1+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-25T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-2941-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2342", "CVE-2013-2236"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842703", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842703", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for quagga USN-2941-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842703\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-25 06:13:48 +0100 (Fri, 25 Mar 2016)\");\n script_cve_id(\"CVE-2016-2342\", \"CVE-2013-2236\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for quagga USN-2941-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Kostya Kortchinsky discovered that Quagga\n incorrectly handled certain route data when configured with BGP peers enabled\n for VPNv4. A remote attacker could use this issue to cause Quagga to crash,\n resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-2342)\n\n It was discovered that Quagga incorrectly handled messages with a large\n LSA when used in certain configurations. A remote attacker could use this\n issue to cause Quagga to crash, resulting in a denial of service. This\n issue only affected Ubuntu 12.04 LTS. (CVE-2013-2236)\");\n script_tag(name:\"affected\", value:\"quagga on Ubuntu 15.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2941-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2941-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.22.4-3ubuntu1.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.24.1-2ubuntu0.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:56:29", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1258-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:870833", "href": "http://plugins.openvas.org/nasl.php?oid=870833", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1258-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00014.html\");\n script_id(870833);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:42:09 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1258-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1258-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:53", "description": "Oracle Linux Local Security Checks ELSA-2012-1258", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1258", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123825", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123825", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1258.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123825\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:03 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1258\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1258 - quagga security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1258\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1258.html\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:58:08", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1258 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:881499", "href": "http://plugins.openvas.org/nasl.php?oid=881499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1258 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n \n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n \n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n \n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n \n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n \n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n \n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n \n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n \n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\n CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\n Riku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\n project as the original reporters of CVE-2011-3327, CVE-2011-3323,\n CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\n Martin Winte ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\");\n script_id(881499);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:49:58 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1258\");\n script_name(\"CentOS Update for quagga CESA-2012:1258 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1258 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1258 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881499\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:49:58 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1258\");\n script_name(\"CentOS Update for quagga CESA-2012:1258 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"quagga on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n\n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n\n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n\n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. And the\n CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\n Riku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\n project as the original reporters of CVE-2011-3327, CVE-2011-3323,\n CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\n Martin Winte ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1258-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870833", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870833", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1258-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00014.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870833\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:42:09 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1258-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1258-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"quagga on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-22T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2017:0794-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4049", "CVE-2016-1245", "CVE-2016-2342", "CVE-2013-2236", "CVE-2017-5495"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871784", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871784", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2017:0794-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871784\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-22 05:48:36 +0100 (Wed, 22 Mar 2017)\");\n script_cve_id(\"CVE-2013-2236\", \"CVE-2016-1245\", \"CVE-2016-2342\", \"CVE-2016-4049\", \"CVE-2017-5495\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for quagga RHSA-2017:0794-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The quagga packages contain Quagga, the\nfree network-routing software suite that manages TCP/IP based protocols. Quagga\nsupports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and\nis intended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es):\n\n * A stack-based buffer overflow flaw was found in the way Quagga handled\nIPv6 router advertisement messages. A remote attacker could use this flaw\nto crash the zebra daemon resulting in denial of service. (CVE-2016-1245)\n\n * A stack-based buffer overflow flaw was found in the way the Quagga BGP\nrouting daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote\nattacker could use this flaw to crash the bgpd daemon resulting in denial\nof service. (CVE-2016-2342)\n\n * A denial of service flaw was found in the Quagga BGP routing daemon\n(bgpd). Under certain circumstances, a remote attacker could send a crafted\npacket to crash the bgpd daemon resulting in denial of service.\n(CVE-2016-4049)\n\n * A denial of service flaw affecting various daemons in Quagga was found. A\nremote attacker could use this flaw to cause the various Quagga daemons,\nwhich expose their telnet interface, to crash. (CVE-2017-5495)\n\n * A stack-based buffer overflow flaw was found in the way the Quagga OSPFD\ndaemon handled LSA (link-state advertisement) packets. A remote attacker\ncould use this flaw to crash the ospfd daemon resulting in denial of\nservice. (CVE-2013-2236)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9\nTechnical Notes linked from the References section.\");\n script_tag(name:\"affected\", value:\"quagga on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0794-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-March/msg00054.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~14.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.15~14.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-11T11:07:14", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9117", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864485", "href": "http://plugins.openvas.org/nasl.php?oid=864485", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9117\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\");\n script_id(864485);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:25:03 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\", \"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\",\n \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9117\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9117\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9117", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864485", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864485", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9117\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864485\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:25:03 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\", \"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\",\n \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9117\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9117\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:10:10", "description": "### Background\n\nQuagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to cause arbitrary code execution or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Quagga users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/quagga-0.99.22.4\"", "cvss3": {}, "published": "2013-10-10T00:00:00", "type": "gentoo", "title": "Quagga: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236"], "modified": "2013-10-10T00:00:00", "id": "GLSA-201310-08", "href": "https://security.gentoo.org/glsa/201310-08", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:58:19", "description": "This update of quagga fixes multiple security flaws that could have caused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination with logrotate were fixed.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-07T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : quagga (ZYPP Patch Number 8108)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_QUAGGA-8108.NASL", "href": "https://www.tenable.com/plugins/nessus/59393", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59393);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"SuSE 10 Security Update : quagga (ZYPP Patch Number 8108)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of quagga fixes multiple security flaws that could have\ncaused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination\nwith logrotate were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0249.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0250.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0255.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1820.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8108.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"quagga-0.99.9-14.15.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"quagga-devel-0.99.9-14.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:56:00", "description": "This update of quagga fixes multiple security flaws that could have caused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination with logrotate were fixed.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : quagga (SAT Patch Number 6241)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:quagga", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_QUAGGA-120430.NASL", "href": "https://www.tenable.com/plugins/nessus/64222", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64222);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"SuSE 11.1 Security Update : quagga (SAT Patch Number 6241)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of quagga fixes multiple security flaws that could have\ncaused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination\nwith logrotate were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0249.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0250.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0255.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1820.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6241.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"quagga-0.99.15-0.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:47:14", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. (CVE-2012-0248)\n\n - Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.\n (CVE-2012-0249)\n\n - Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. (CVE-2012-0250)\n\n - The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). (CVE-2012-0255)\n\n - The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message. (CVE-2012-1820)", "cvss3": {"score": null, "vector": null}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : quagga (cve_2012_1820_denial_of)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0248", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:quagga"], "id": "SOLARIS11_QUAGGA_20120821.NASL", "href": "https://www.tenable.com/plugins/nessus/80752", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80752);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0248\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : quagga (cve_2012_1820_denial_of)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - ImageMagick 6.7.5-7 and earlier allows remote attackers\n to cause a denial of service (infinite loop and hang)\n via a crafted image whose IFD contains IOP tags that all\n reference the beginning of the IDF. (CVE-2012-0248)\n\n - Buffer overflow in the ospf_ls_upd_list_lsa function in\n ospf_packet.c in the OSPFv2 implementation in ospfd in\n Quagga before 0.99.20.1 allows remote attackers to cause\n a denial of service (assertion failure and daemon exit)\n via a Link State Update (aka LS Update) packet that is\n smaller than the length specified in its header.\n (CVE-2012-0249)\n\n - Buffer overflow in the OSPFv2 implementation in ospfd in\n Quagga before 0.99.20.1 allows remote attackers to cause\n a denial of service (daemon crash) via a Link State\n Update (aka LS Update) packet containing a network-LSA\n link-state advertisement for which the data-structure\n length is smaller than the value in the Length header\n field. (CVE-2012-0250)\n\n - The BGP implementation in bgpd in Quagga before\n 0.99.20.1 does not properly use message buffers for OPEN\n messages, which allows remote attackers to cause a\n denial of service (assertion failure and daemon exit)\n via a message associated with a malformed Four-octet AS\n Number Capability (aka AS4 capability). (CVE-2012-0255)\n\n - The bgp_capability_orf function in bgpd in Quagga\n 0.99.20.1 and earlier allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) by\n leveraging a BGP peering relationship and sending a\n malformed Outbound Route Filtering (ORF) capability TLV\n in an OPEN message. (CVE-2012-1820)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2012-1820-denial-of-service-dos-vulnerability-in-quagga\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-quagga\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93e9a1eb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 10.5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:quagga\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^quagga$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.10.0.5.0\", sru:\"SRU 10.5a\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : quagga\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"quagga\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:43", "description": "CERT reports :\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon aborts due to an assert) with a malformed OSPF LS-Update message.\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon crash) with a malformed OSPF Network- LSA message.\n\nThe bgpd implementation of BGP in Quagga allows remote attackers to cause a denial of service (daemon aborts due to an assert) via BGP Open message with an invalid AS4 capability.", "cvss3": {"score": null, "vector": null}, "published": "2012-03-26T00:00:00", "type": "nessus", "title": "FreeBSD : quagga -- multiple vulnerabilities (42a2c82a-75b9-11e1-89b4-001ec9578670)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:quagga", "p-cpe:/a:freebsd:freebsd:quagga-re", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_42A2C82A75B911E189B4001EC9578670.NASL", "href": "https://www.tenable.com/plugins/nessus/58471", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58471);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_xref(name:\"CERT\", value:\"551715\");\n\n script_name(english:\"FreeBSD : quagga -- multiple vulnerabilities (42a2c82a-75b9-11e1-89b4-001ec9578670)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CERT reports :\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker\n(on a local network segment with OSPF enabled) to cause a denial of\nservice (daemon aborts due to an assert) with a malformed OSPF\nLS-Update message.\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker\n(on a local network segment with OSPF enabled) to cause a denial of\nservice (daemon crash) with a malformed OSPF Network- LSA message.\n\nThe bgpd implementation of BGP in Quagga allows remote attackers to\ncause a denial of service (daemon aborts due to an assert) via BGP\nOpen message with an invalid AS4 capability.\"\n );\n # https://vuxml.freebsd.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?14ac3939\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga-re\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"quagga<0.99.20.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"quagga-re<0.99.17.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:32", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-20T00:00:00", "type": "nessus", "title": "Fedora 17 : quagga-0.99.20.1-1.fc17 (2012-5352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-5352.NASL", "href": "https://www.tenable.com/plugins/nessus/58805", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5352.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58805);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_xref(name:\"FEDORA\", value:\"2012-5352\");\n\n script_name(english:\"Fedora 17 : quagga-0.99.20.1-1.fc17 (2012-5352)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54991e49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"quagga-0.99.20.1-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:33", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-23T00:00:00", "type": "nessus", "title": "Fedora 15 : quagga-0.99.20.1-1.fc15 (2012-5436)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-5436.NASL", "href": "https://www.tenable.com/plugins/nessus/58822", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5436.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58822);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"FEDORA\", value:\"2012-5436\");\n\n script_name(english:\"Fedora 15 : quagga-0.99.20.1-1.fc15 (2012-5436)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3476b3b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"quagga-0.99.20.1-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "According to its self-reported version number, the installation of Quagga listening on the remote host is affected by multiple vulnerabilities :\n\n - A buffer overflow vulnerability exists in OSPFD can be triggered by a specially crafted Link Status Update message that is smaller than the length specified in its header, leading to denial of service.\n (CVE-2012-0249)\n\n - A buffer overflow vulnerability in exists OSPFD can be triggered by a specially crafted Link Status Update message containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field, leading to denial of service. (CVE-2012-0250)\n\n - A denial of service vulnerability exists in BGPD that can be triggered by a specially crafted OPEN message with a malformed four-octet AS Number Capability.\n (CVE-2012-0250)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.20.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_20_1.NASL", "href": "https://www.tenable.com/plugins/nessus/59791", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59791);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/25 18:58:04\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"CERT\", value:\"551715\");\n\n script_name(english:\"Quagga < 0.99.20.1 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga listening on the remote host is affected by multiple\nvulnerabilities :\n\n - A buffer overflow vulnerability exists in OSPFD can be\n triggered by a specially crafted Link Status Update\n message that is smaller than the length specified in \n its header, leading to denial of service.\n (CVE-2012-0249)\n\n - A buffer overflow vulnerability in exists OSPFD can be\n triggered by a specially crafted Link Status Update\n message containing a network-LSA link-state\n advertisement for which the data-structure length is\n smaller than the value in the Length header field,\n leading to denial of service. (CVE-2012-0250)\n\n - A denial of service vulnerability exists in BGPD that \n can be triggered by a specially crafted OPEN message \n with a malformed four-octet AS Number Capability.\n (CVE-2012-0250)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.20.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.quagga.net/show_bug.cgi?id=705\");\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7151\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.quagga.net/download/quagga-0.99.20.1.changelog.txt\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.20.1\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:31", "description": "Several vulnerabilities have been discovered in Quagga, a routing daemon.\n\n - CVE-2012-0249 A buffer overflow in the ospf_ls_upd_list_lsa function in the OSPFv2 implementation allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.\n\n - CVE-2012-0250 A buffer overflow in the OSPFv2 implementation allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.\n\n - CVE-2012-0255 The BGP implementation does not properly use message buffers for OPEN messages, which allows remote attackers impersonating a configured BGP peer to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent upstream release. This release includes other corrections, such as hardening against unknown BGP path attributes.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-27T00:00:00", "type": "nessus", "title": "Debian DSA-2459-2 : quagga - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2459.NASL", "href": "https://www.tenable.com/plugins/nessus/58883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2459. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58883);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"DSA\", value:\"2459\");\n\n script_name(english:\"Debian DSA-2459-2 : quagga - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n - CVE-2012-0249\n A buffer overflow in the ospf_ls_upd_list_lsa function\n in the OSPFv2 implementation allows remote attackers to\n cause a denial of service (assertion failure and daemon\n exit) via a Link State Update (aka LS Update) packet\n that is smaller than the length specified in its header.\n\n - CVE-2012-0250\n A buffer overflow in the OSPFv2 implementation allows\n remote attackers to cause a denial of service (daemon\n crash) via a Link State Update (aka LS Update) packet\n containing a network-LSA link-state advertisement for\n which the data-structure length is smaller than the\n value in the Length header field.\n\n - CVE-2012-0255\n The BGP implementation does not properly use message\n buffers for OPEN messages, which allows remote attackers\n impersonating a configured BGP peer to cause a denial of\n service (assertion failure and daemon exit) via a\n message associated with a malformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2459\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"quagga\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-dbg\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-doc\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:33", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-23T00:00:00", "type": "nessus", "title": "Fedora 16 : quagga-0.99.20.1-1.fc16 (2012-5411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-5411.NASL", "href": "https://www.tenable.com/plugins/nessus/58819", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5411.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58819);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"FEDORA\", value:\"2012-5411\");\n\n script_name(english:\"Fedora 16 : quagga-0.99.20.1-1.fc16 (2012-5411)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f5ca7ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"quagga-0.99.20.1-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:31", "description": "It was discovered that Quagga incorrectly handled Link State Update messages with invalid lengths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0249, CVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a malformed Four-octet AS Number Capability. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0255).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-05-16T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerabilities (USN-1441-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1441-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1441-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59107);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"USN\", value:\"1441-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerabilities (USN-1441-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga incorrectly handled Link State Update\nmessages with invalid lengths. A remote attacker could use this flaw\nto cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0249, CVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a\nmalformed Four-octet AS Number Capability. A remote attacker could use\nthis flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0255).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1441-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.10.04.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.04.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.10.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.12.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:57:13", "description": "A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20120912)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:quagga", "p-cpe:/a:fermilab:scientific_linux:quagga-contrib", "p-cpe:/a:fermilab:scientific_linux:quagga-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120912_QUAGGA_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62095", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62095);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20120912)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d\ndaemons will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=1641\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b28b4689\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected quagga, quagga-contrib and / or quagga-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:34", "description": "From Red Hat Security Advisory 2012:1259 :\n\nUpdated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : quagga (ELSA-2012-1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:quagga", "p-cpe:/a:oracle:linux:quagga-contrib", "p-cpe:/a:oracle:linux:quagga-devel", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/68618", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1259 and \n# Oracle Linux Security Advisory ELSA-2012-1259 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68618);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(42635, 42642, 46942, 46943, 49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"Oracle Linux 6 : quagga (ELSA-2012-1259)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1259 :\n\nUpdated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:17", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "RHEL 6 : quagga (RHSA-2012:1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:quagga", "p-cpe:/a:redhat:enterprise_linux:quagga-contrib", "p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo", "p-cpe:/a:redhat:enterprise_linux:quagga-devel", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/62070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1259. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62070);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"RHEL 6 : quagga (RHSA-2012:1259)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0255\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1259\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"quagga-debuginfo-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:09", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "CentOS 6 : quagga (CESA-2012:1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:quagga", "p-cpe:/a:centos:centos:quagga-contrib", "p-cpe:/a:centos:centos:quagga-devel", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/62081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1259 and \n# CentOS Errata and Security Advisory 2012:1259 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62081);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"CentOS 6 : quagga (CESA-2012:1259)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d4761e3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:14", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when\n\n --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA. (CVE-2013-2236)", "cvss3": {"score": null, "vector": null}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:quagga"], "id": "SOLARIS11_QUAGGA_20140721.NASL", "href": "https://www.tenable.com/plugins/nessus/80753", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80753);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2236\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - Stack-based buffer overflow in the\n new_msg_lsa_change_notify function in the OSPFD API\n (ospf_api.c) in Quagga before 0.99.22.2, when\n\n --enable-opaque-lsa and the -a command line option are\n used, allows remote attackers to cause a denial of\n service (crash) via a large LSA. (CVE-2013-2236)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2013-2236-buffer-errors-vulnerability-in-quagga\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.17.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:quagga\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^quagga$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.17.0.5.0\", sru:\"SRU 11.1.17.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : quagga\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_note(port:0, extra:error_extra);\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"quagga\");\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:52:44", "description": "Updated quagga packages fix security vulnerability :\n\nRemotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2 (CVE-2013-2236).\n\nNote: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.", "cvss3": {"score": null, "vector": null}, "published": "2013-10-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : quagga (MDVSA-2013:254)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64quagga-devel", "p-cpe:/a:mandriva:linux:lib64quagga0", "p-cpe:/a:mandriva:linux:quagga", "p-cpe:/a:mandriva:linux:quagga-contrib", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-254.NASL", "href": "https://www.tenable.com/plugins/nessus/70521", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:254. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70521);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-2236\");\n script_bugtraq_id(60955);\n script_xref(name:\"MDVSA\", value:\"2013:254\");\n\n script_name(english:\"Mandriva Linux Security Advisory : quagga (MDVSA-2013:254)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages fix security vulnerability :\n\nRemotely exploitable buffer overflow in ospf_api.c and ospfclient.c\nwhen processing LSA messages in quagga before 0.99.22.2\n(CVE-2013-2236).\n\nNote: We have worked around this vulnerability by disabling the\nospf_api and ospfclient features, which did not provide useful\nfunctionality.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2013-0310.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64quagga0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64quagga-devel-0.99.20.1-4.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64quagga0-0.99.20.1-4.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"quagga-0.99.20.1-4.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"quagga-contrib-0.99.20.1-4.2.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:52:24", "description": "According to its self-reported version number, the installation of Quagga listening on the remote host is potentially affected by a stack-based buffer overflow that occurs in the OSPF API server ('ospf_api.c') when it receives an LSA larger than 1488 bytes. \n\nThe vulnerability is only present when Quagga is compiled with the '--enable-opaque-lsa' flag and the OSPF API server is running (ospfd is run with the '-a' parameter). Exploitation of this issue may lead to a denial of service or arbitrary code execution.", "cvss3": {"score": null, "vector": null}, "published": "2013-11-05T00:00:00", "type": "nessus", "title": "Quagga < 0.99.22.2 OSPF API Buffer Overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236"], "modified": "2019-11-27T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_22_2.NASL", "href": "https://www.tenable.com/plugins/nessus/70761", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70761);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\"CVE-2013-2236\");\n script_bugtraq_id(60955);\n\n script_name(english:\"Quagga < 0.99.22.2 OSPF API Buffer Overflow\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by a buffer overflow\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga listening on the remote host is potentially affected by a\nstack-based buffer overflow that occurs in the OSPF API server\n('ospf_api.c') when it receives an LSA larger than 1488 bytes. \n\nThe vulnerability is only present when Quagga is compiled with the\n'--enable-opaque-lsa' flag and the OSPF API server is running (ospfd is\nrun with the '-a' parameter). Exploitation of this issue may lead to a\ndenial of service or arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.quagga.net/pipermail/quagga-dev/2013-July/010622.html\");\n # http://git.savannah.gnu.org/gitweb/?p=quagga.git;a=commitdiff;h=3f872fe60463a931c5c766dbf8c36870c0023e88\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9cfd7251\");\n script_set_attribute(attribute:\"see_also\", value:\"http://nongnu.askapache.com//quagga/quagga-0.99.22.3.changelog.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.22.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-2236\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/05\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\") audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nfix = \"0.99.22.2\";\nif (ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0) audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nfullver = get_kb_item(kb + \"FullVersion\");\nif (isnull(fullver)) fullver = ver;\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + fullver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\nsecurity_note(port:port, extra:report);\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:56:55", "description": "It was discovered that Quagga incorrectly handled certain malformed messages. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-10-12T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerability (USN-1605-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1605-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62512", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1605-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62512);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"USN\", value:\"1605-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerability (USN-1605-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga incorrectly handled certain malformed\nmessages. A remote attacker could use this flaw to cause Quagga to\ncrash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1605-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.10.04.3\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.04.3\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.10.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.12.04.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:55:14", "description": "Updated quagga package fixes security vulnerability :\n\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message (CVE-2012-1820).", "cvss3": {"score": null, "vector": null}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : quagga (MDVSA-2013:122)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64quagga-devel", "p-cpe:/a:mandriva:linux:lib64quagga0", "p-cpe:/a:mandriva:linux:quagga", "p-cpe:/a:mandriva:linux:quagga-contrib", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-122.NASL", "href": "https://www.tenable.com/plugins/nessus/66134", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:122. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66134);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"MDVSA\", value:\"2013:122\");\n script_xref(name:\"MGASA\", value:\"2012-0133\");\n\n script_name(english:\"Mandriva Linux Security Advisory : quagga (MDVSA-2013:122)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga package fixes security vulnerability :\n\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message (CVE-2012-1820).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64quagga0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64quagga-devel-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64quagga0-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"quagga-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"quagga-contrib-0.99.20.1-4.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-16T14:50:31", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : quagga (ALAS-2012-90)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:quagga", "p-cpe:/a:amazon:linux:quagga-contrib", "p-cpe:/a:amazon:linux:quagga-debuginfo", "p-cpe:/a:amazon:linux:quagga-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-90.NASL", "href": "https://www.tenable.com/plugins/nessus/69697", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-90.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69697);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"ALAS\", value:\"2012-90\");\n\n script_name(english:\"Amazon Linux AMI : quagga (ALAS-2012-90)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-90.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update quagga' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"quagga-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-contrib-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-debuginfo-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-devel-0.99.20.1-1.5.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:02", "description": "Update to the 0.99.21 which fixes various issues. In addition, this update fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 17 : quagga-0.99.21-2.fc17 (2012-9103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-9103.NASL", "href": "https://www.tenable.com/plugins/nessus/59577", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9103.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59577);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9103\");\n\n script_name(english:\"Fedora 17 : quagga-0.99.21-2.fc17 (2012-9103)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the 0.99.21 which fixes various issues. In addition, this\nupdate fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN\nmessage with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ceaed9ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"quagga-0.99.21-2.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:21", "description": "CERT reports :\n\nIf a pre-configured BGP peer sends a specially crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer.\nThe process will detect a buffer overrun attempt before it happens and immediately terminate with an error message. All BGP sessions established by the attacked router will be closed and its BGP routing disrupted.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-06T00:00:00", "type": "nessus", "title": "FreeBSD : quagga -- BGP OPEN denial of service vulnerability (1e14d46f-af1f-11e1-b242-00215af774f0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:quagga", "p-cpe:/a:freebsd:freebsd:quagga-re", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL", "href": "https://www.tenable.com/plugins/nessus/59380", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59380);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"CERT\", value:\"962587\");\n\n script_name(english:\"FreeBSD : quagga -- BGP OPEN denial of service vulnerability (1e14d46f-af1f-11e1-b242-00215af774f0)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CERT reports :\n\nIf a pre-configured BGP peer sends a specially crafted OPEN message\nwith a malformed ORF capability TLV, Quagga bgpd process will\nerroneously try to consume extra bytes from the input packet buffer.\nThe process will detect a buffer overrun attempt before it happens and\nimmediately terminate with an error message. All BGP sessions\nestablished by the attacked router will be closed and its BGP routing\ndisrupted.\"\n );\n # https://vuxml.freebsd.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7a7130fa\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga-re\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"quagga<=0.99.20.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"quagga-re<0.99.17.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:13", "description": "This update fixes CVE-2012-1820.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 15 : quagga-0.99.20.1-2.fc15 (2012-9117)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-9117.NASL", "href": "https://www.tenable.com/plugins/nessus/59579", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9117.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59579);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9117\");\n\n script_name(english:\"Fedora 15 : quagga-0.99.20.1-2.fc15 (2012-9117)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2012-1820.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94b7e00f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"quagga-0.99.20.1-2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:05", "description": "According to its self-reported version number, the installation of Quagga's BGP daemon listening on the remote host is affected by a denial of service vulnerability. Unauthenticated attackers on the local network can trigger this issue by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering capability TLV in an OPEN message.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.21 BGP Denial of Service Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_21.NASL", "href": "https://www.tenable.com/plugins/nessus/59792", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59792);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/25 18:58:04\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"CERT\", value:\"962587\");\n\n script_name(english:\"Quagga < 0.99.21 BGP Denial of Service Vulnerability\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga's BGP daemon listening on the remote host is affected by a\ndenial of service vulnerability. Unauthenticated attackers on the\nlocal network can trigger this issue by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering\ncapability TLV in an OPEN message.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.21 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7214\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.quagga.net/download/quagga-0.99.21.changelog.txt\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.21\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_note(port:port, extra:report);\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "Update to the 0.99.21 which fixes various issues. In addition, this update fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 16 : quagga-0.99.21-2.fc16 (2012-9116)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-9116.NASL", "href": "https://www.tenable.com/plugins/nessus/59578", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9116.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59578);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9116\");\n\n script_name(english:\"Fedora 16 : quagga-0.99.21-2.fc16 (2012-9116)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the 0.99.21 which fixes various issues. In addition, this\nupdate fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN\nmessage with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9edba5e9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"quagga-0.99.21-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "It was discovered that Quagga, a routing daemon, contains a vulnerability in processing the ORF capability in BGP OPEN messages. A malformed OPEN message from a previously configured BGP peer could cause bgpd to crash, causing a denial of service.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Debian DSA-2497-1 : quagga - denial of service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2497.NASL", "href": "https://www.tenable.com/plugins/nessus/59775", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2497. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59775);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"DSA\", value:\"2497\");\n\n script_name(english:\"Debian DSA-2497-1 : quagga - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages. A\nmalformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2497\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"quagga\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-dbg\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-doc\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-16T02:06:47", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : quagga (ALAS-2012-70)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:quagga", "p-cpe:/a:amazon:linux:quagga-contrib", "p-cpe:/a:amazon:linux:quagga-debuginfo", "p-cpe:/a:amazon:linux:quagga-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-70.NASL", "href": "https://www.tenable.com/plugins/nessus/69677", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-70.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69677);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0250\");\n script_xref(name:\"ALAS\", value:\"2012-70\");\n\n script_name(english:\"Amazon Linux AMI : quagga (ALAS-2012-70)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-70.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update quagga' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"quagga-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-contrib-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-debuginfo-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-devel-0.99.20.1-1.4.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T20:21:10", "description": "Kostya Kortchinsky discovered that Quagga incorrectly handled certain route data when configured with BGP peers enabled for VPNv4. A remote attacker could use this issue to cause Quagga to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-2342)\n\nIt was discovered that Quagga incorrectly handled messages with a large LSA when used in certain configurations. A remote attacker could use this issue to cause Quagga to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-2236).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-25T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : quagga vulnerabilities (USN-2941-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236", "CVE-2016-2342"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2941-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90188", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2941-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90188);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2019/09/18 12:31:45\");\n\n script_cve_id(\"CVE-2013-2236\", \"CVE-2016-2342\");\n script_xref(name:\"USN\", value:\"2941-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : quagga vulnerabilities (USN-2941-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Kostya Kortchinsky discovered that Quagga incorrectly handled certain\nroute data when configured with BGP peers enabled for VPNv4. A remote\nattacker could use this issue to cause Quagga to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2016-2342)\n\nIt was discovered that Quagga incorrectly handled messages with a\nlarge LSA when used in certain configurations. A remote attacker could\nuse this issue to cause Quagga to crash, resulting in a denial of\nservice. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-2236).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2941-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.12.04.4\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"quagga\", pkgver:\"0.99.22.4-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"quagga\", pkgver:\"0.99.24.1-2ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:52:17", "description": "Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP routing daemon :\n\n - CVE-2013-2236 A buffer overflow was found in the OSPF API-server (exporting the LSDB and allowing announcement of Opaque-LSAs).\n\n - CVE-2013-6051 bgpd could be crashed through BGP updates. This only affects Wheezy/stable.", "cvss3": {"score": null, "vector": null}, "published": "2013-11-27T00:00:00", "type": "nessus", "title": "Debian DSA-2803-1 : quagga - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236", "CVE-2013-6051"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2803.NASL", "href": "https://www.tenable.com/plugins/nessus/71097", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2803. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71097);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2236\", \"CVE-2013-6051\");\n script_bugtraq_id(60955);\n script_xref(name:\"DSA\", value:\"2803\");\n\n script_name(english:\"Debian DSA-2803-1 : quagga - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP\nrouting daemon :\n\n - CVE-2013-2236\n A buffer overflow was found in the OSPF API-server\n (exporting the LSDB and allowing announcement of\n Opaque-LSAs).\n\n - CVE-2013-6051\n bgpd could be crashed through BGP updates. This only\n affects Wheezy/stable.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726724\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2803\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 0.99.20.1-0+squeeze5.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 0.99.22.4-1+wheezy1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"quagga\", reference:\"0.99.20.1-0+squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-dbg\", reference:\"0.99.20.1-0+squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-doc\", reference:\"0.99.20.1-0+squeeze5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"quagga\", reference:\"0.99.22.4-1+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"quagga-dbg\", reference:\"0.99.22.4-1+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"quagga-doc\", reference:\"0.99.22.4-1+wheezy1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:53:13", "description": "This update of quagga fixes two security issues :\n\n - specially crafted OSPF packets could have caused the routing table to be erased. (bnc#822572).\n (CVE-2013-0149)\n\n - local network stack overflow (bnc#828117).\n (CVE-2013-2236)", "cvss3": {"score": null, "vector": null}, "published": "2013-09-20T00:00:00", "type": "nessus", "title": "SuSE 11.2 / 11.3 Security Update : quagga (SAT Patch Numbers 8234 / 8235)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0149", "CVE-2013-2236"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:quagga", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_QUAGGA-130822.NASL", "href": "https://www.tenable.com/plugins/nessus/70020", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70020);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-0149\", \"CVE-2013-2236\");\n\n script_name(english:\"SuSE 11.2 / 11.3 Security Update : quagga (SAT Patch Numbers 8234 / 8235)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of quagga fixes two security issues :\n\n - specially crafted OSPF packets could have caused the\n routing table to be erased. (bnc#822572).\n (CVE-2013-0149)\n\n - local network stack overflow (bnc#828117).\n (CVE-2013-2236)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=828117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0149.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2236.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8234 / 8235 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"quagga-0.99.15-0.14.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"quagga-0.99.15-0.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-08-19T12:54:32", "description": "From Red Hat Security Advisory 2012:1258 :\n\nUpdated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : quagga (ELSA-2012-1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:quagga", "p-cpe:/a:oracle:linux:quagga-contrib", "p-cpe:/a:oracle:linux:quagga-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/68617", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1258 and \n# Oracle Linux Security Advisory ELSA-2012-1258 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68617);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(25634, 42635, 46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"Oracle Linux 5 : quagga (ELSA-2012-1258)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1258 :\n\nUpdated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003022.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:09", "description": "A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : quagga on SL5.x i386/x86_64 (20120912)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:quagga", "p-cpe:/a:fermilab:scientific_linux:quagga-contrib", "p-cpe:/a:fermilab:scientific_linux:quagga-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120912_QUAGGA_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62094", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62094);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n\n script_name(english:\"Scientific Linux Security Update : quagga on SL5.x i386/x86_64 (20120912)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d\ndaemons will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=1762\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?242862fd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected quagga, quagga-contrib and / or quagga-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:06", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "RHEL 5 : quagga (RHSA-2012:1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:quagga", "p-cpe:/a:redhat:enterprise_linux:quagga-contrib", "p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo", "p-cpe:/a:redhat:enterprise_linux:quagga-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/62069", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1258. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62069);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"RHEL 5 : quagga (RHSA-2012:1258)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1258\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0249\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1258\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"quagga-debuginfo-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:14", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "CentOS 5 : quagga (CESA-2012:1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:quagga", "p-cpe:/a:centos:centos:quagga-contrib", "p-cpe:/a:centos:centos:quagga-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/62066", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1258 and \n# CentOS Errata and Security Advisory 2012:1258 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62066);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"CentOS 5 : quagga (CESA-2012:1258)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d6e6aff\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:45:41", "description": "According to its self-reported version number, the installation of Quagga's BGPD listening on the remote host is affected by multiple vulnerabilities :\n\n - A stack-based buffer overflow vulnerability can be triggered by a specially crafted BGP ROUTE-REFRESH message with a malformed Outbound Route Filtering record sent by a pre-configured peer. (CVE-2010-2948)\n\n - A denial of service vulnerability in BGPD can be triggered by a specially crafted UPDATE message with an unknown AS type in an AS path attribute.\n (CVE-2012-0250)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.17 BGPD Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2948", "CVE-2010-2949", "CVE-2012-0250"], "modified": "2019-12-04T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_17.NASL", "href": "https://www.tenable.com/plugins/nessus/59788", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59788);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2010-2948\", \"CVE-2010-2949\");\n script_bugtraq_id(42635, 42642);\n\n script_name(english:\"Quagga < 0.99.17 BGPD Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga's BGPD listening on the remote host is affected by multiple\nvulnerabilities :\n\n - A stack-based buffer overflow vulnerability can be\n triggered by a specially crafted BGP ROUTE-REFRESH\n message with a malformed Outbound Route Filtering record\n sent by a pre-configured peer. (CVE-2010-2948)\n\n - A denial of service vulnerability in BGPD can be\n triggered by a specially crafted UPDATE message with an\n unknown AS type in an AS path attribute.\n (CVE-2012-0250)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7140\");\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20110928221629/http://www.quagga.net/download/quagga-0.99.17.changelog.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.17 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-2948\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.17\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:18:19", "description": "An update for quagga is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es) :\n\n* A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. (CVE-2016-1245)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. (CVE-2016-2342)\n\n* A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service. (CVE-2016-4049)\n\n* A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose their telnet interface, to crash.\n(CVE-2017-5495)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service. (CVE-2013-2236)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-03-22T00:00:00", "type": "nessus", "title": "RHEL 6 : quagga (RHSA-2017:0794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:quagga", "p-cpe:/a:redhat:enterprise_linux:quagga-contrib", "p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo", "p-cpe:/a:redhat:enterprise_linux:quagga-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2017-0794.NASL", "href": "https://www.tenable.com/plugins/nessus/97885", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0794. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97885);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2013-2236\", \"CVE-2016-1245\", \"CVE-2016-2342\", \"CVE-2016-4049\", \"CVE-2017-5495\");\n script_xref(name:\"RHSA\", value:\"2017:0794\");\n\n script_name(english:\"RHEL 6 : quagga (RHSA-2017:0794)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for quagga is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe quagga packages contain Quagga, the free network-routing software\nsuite that manages TCP/IP based protocols. Quagga supports the BGP4,\nBGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is\nintended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es) :\n\n* A stack-based buffer overflow flaw was found in the way Quagga\nhandled IPv6 router advertisement messages. A remote attacker could\nuse this flaw to crash the zebra daemon resulting in denial of\nservice. (CVE-2016-1245)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga\nBGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A\nremote attacker could use this flaw to crash the bgpd daemon resulting\nin denial of service. (CVE-2016-2342)\n\n* A denial of service flaw was found in the Quagga BGP routing daemon\n(bgpd). Under certain circumstances, a remote attacker could send a\ncrafted packet to crash the bgpd daemon resulting in denial of\nservice. (CVE-2016-4049)\n\n* A denial of service flaw affecting various daemons in Quagga was\nfound. A remote attacker could use this flaw to cause the various\nQuagga daemons, which expose their telnet interface, to crash.\n(CVE-2017-5495)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga\nOSPFD daemon handled LSA (link-state advertisement) packets. A remote\nattacker could use this flaw to crash the ospfd daemon resulting in\ndenial of service. (CVE-2013-2236)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9\nTechnical Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4049\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5495\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0794\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"quagga-0.99.15-14.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"quagga-0.99.15-14.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"quagga-0.99.15-14.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"quagga-contrib-0.99.15-14.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"quagga-contrib-0.99.15-14.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"quagga-contrib-0.99.15-14.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"quagga-debuginfo-0.99.15-14.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"quagga-devel-0.99.15-14.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-16T16:17:08", "description": "From Red Hat Security Advisory 2017:0794 :\n\nAn update for quagga is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es) :\n\n* A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. (CVE-2016-1245)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. (CVE-2016-2342)\n\n* A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service. (CVE-2016-4049)\n\n* A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose their telnet interface, to crash.\n(CVE-2017-5495)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service. (CVE-2013-2236)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-03-30T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : quagga (ELSA-2017-0794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:quagga", "p-cpe:/a:oracle:linux:quagga-contrib", "p-cpe:/a:oracle:linux:quagga-devel", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2017-0794.NASL", "href": "https://www.tenable.com/plugins/nessus/99073", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0794 and \n# Oracle Linux Security Advisory ELSA-2017-0794 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99073);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2236\", \"CVE-2016-1245\", \"CVE-2016-2342\", \"CVE-2016-4049\", \"CVE-2017-5495\");\n script_xref(name:\"RHSA\", value:\"2017:0794\");\n\n script_name(english:\"Oracle Linux 6 : quagga (ELSA-2017-0794)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0794 :\n\nAn update for quagga is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe quagga packages contain Quagga, the free network-routing software\nsuite that manages TCP/IP based protocols. Quagga supports the BGP4,\nBGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is\nintended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es) :\n\n* A stack-based buffer overflow flaw was found in the way Quagga\nhandled IPv6 router advertisement messages. A remote attacker could\nuse this flaw to crash the zebra daemon resulting in denial of\nservice. (CVE-2016-1245)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga\nBGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A\nremote attacker could use this flaw to crash the bgpd daemon resulting\nin denial of service. (CVE-2016-2342)\n\n* A denial of service flaw was found in the Quagga BGP routing daemon\n(bgpd). Under certain circumstances, a remote attacker could send a\ncrafted packet to crash the bgpd daemon resulting in denial of\nservice. (CVE-2016-4049)\n\n* A denial of service flaw affecting various daemons in Quagga was\nfound. A remote attacker could use this flaw to cause the various\nQuagga daemons, which expose their telnet interface, to crash.\n(CVE-2017-5495)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga\nOSPFD daemon handled LSA (link-state advertisement) packets. A remote\nattacker could use this flaw to crash the ospfd daemon resulting in\ndenial of service. (CVE-2013-2236)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9\nTechnical Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-March/006802.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"quagga-0.99.15-14.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"quagga-contrib-0.99.15-14.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"quagga-devel-0.99.15-14.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-16T16:21:08", "description": "Security Fix(es) :\n\n - A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. (CVE-2016-1245)\n\n - A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service.\n (CVE-2016-2342)\n\n - A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service.\n (CVE-2016-4049)\n\n - A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose their telnet interface, to crash. (CVE-2017-5495)\n\n - A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service. (CVE-2013-2236)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-04-06T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20170321)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:quagga", "p-cpe:/a:fermilab:scientific_linux:quagga-contrib", "p-cpe:/a:fermilab:scientific_linux:quagga-debuginfo", "p-cpe:/a:fermilab:scientific_linux:quagga-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170321_QUAGGA_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/99223", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99223);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2236\", \"CVE-2016-1245\", \"CVE-2016-2342\", \"CVE-2016-4049\", \"CVE-2017-5495\");\n\n script_name(english:\"Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20170321)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A stack-based buffer overflow flaw was found in the way\n Quagga handled IPv6 router advertisement messages. A\n remote attacker could use this flaw to crash the zebra\n daemon resulting in denial of service. (CVE-2016-1245)\n\n - A stack-based buffer overflow flaw was found in the way\n the Quagga BGP routing daemon (bgpd) handled Labeled-VPN\n SAFI routes data. A remote attacker could use this flaw\n to crash the bgpd daemon resulting in denial of service.\n (CVE-2016-2342)\n\n - A denial of service flaw was found in the Quagga BGP\n routing daemon (bgpd). Under certain circumstances, a\n remote attacker could send a crafted packet to crash the\n bgpd daemon resulting in denial of service.\n (CVE-2016-4049)\n\n - A denial of service flaw affecting various daemons in\n Quagga was found. A remote attacker could use this flaw\n to cause the various Quagga daemons, which expose their\n telnet interface, to crash. (CVE-2017-5495)\n\n - A stack-based buffer overflow flaw was found in the way\n the Quagga OSPFD daemon handled LSA (link-state\n advertisement) packets. A remote attacker could use this\n flaw to crash the ospfd daemon resulting in denial of\n service. (CVE-2013-2236)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1704&L=scientific-linux-errata&F=&S=&P=2144\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bde33ae9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"quagga-0.99.15-14.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-contrib-0.99.15-14.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-debuginfo-0.99.15-14.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-devel-0.99.15-14.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-16T16:17:01", "description": "An update for quagga is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es) :\n\n* A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. (CVE-2016-1245)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. (CVE-2016-2342)\n\n* A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service. (CVE-2016-4049)\n\n* A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose their telnet interface, to crash.\n(CVE-2017-5495)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service. (CVE-2013-2236)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-03-27T00:00:00", "type": "nessus", "title": "CentOS 6 : quagga (CESA-2017:0794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:quagga", "p-cpe:/a:centos:centos:quagga-contrib", "p-cpe:/a:centos:centos:quagga-devel", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2017-0794.NASL", "href": "https://www.tenable.com/plugins/nessus/97961", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0794 and \n# CentOS Errata and Security Advisory 2017:0794 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97961);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-2236\", \"CVE-2016-1245\", \"CVE-2016-2342\", \"CVE-2016-4049\", \"CVE-2017-5495\");\n script_xref(name:\"RHSA\", value:\"2017:0794\");\n\n script_name(english:\"CentOS 6 : quagga (CESA-2017:0794)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for quagga is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe quagga packages contain Quagga, the free network-routing software\nsuite that manages TCP/IP based protocols. Quagga supports the BGP4,\nBGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is\nintended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es) :\n\n* A stack-based buffer overflow flaw was found in the way Quagga\nhandled IPv6 router advertisement messages. A remote attacker could\nuse this flaw to crash the zebra daemon resulting in denial of\nservice. (CVE-2016-1245)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga\nBGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A\nremote attacker could use this flaw to crash the bgpd daemon resulting\nin denial of service. (CVE-2016-2342)\n\n* A denial of service flaw was found in the Quagga BGP routing daemon\n(bgpd). Under certain circumstances, a remote attacker could send a\ncrafted packet to crash the bgpd daemon resulting in denial of\nservice. (CVE-2016-4049)\n\n* A denial of service flaw affecting various daemons in Quagga was\nfound. A remote attacker could use this flaw to cause the various\nQuagga daemons, which expose their telnet interface, to crash.\n(CVE-2017-5495)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga\nOSPFD daemon handled LSA (link-state advertisement) packets. A remote\nattacker could use this flaw to crash the ospfd daemon resulting in\ndenial of service. (CVE-2013-2236)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9\nTechnical Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-March/003917.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06a1a5d3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-5495\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-0.99.15-14.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-contrib-0.99.15-14.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-devel-0.99.15-14.el6\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-16T16:50:53", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has quagga packages installed that are affected by multiple vulnerabilities:\n\n - A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose their telnet interface, to crash. (CVE-2017-5495)\n\n - A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. (CVE-2016-1245)\n\n - A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service.\n (CVE-2016-4049)\n\n - A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service.\n (CVE-2016-2342)\n\n - A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service. (CVE-2013-2236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.05 : quagga Multiple Vulnerabilities (NS-SA-2019-0101)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2022-05-19T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0101_QUAGGA.NASL", "href": "https://www.tenable.com/plugins/nessus/127329", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0101. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127329);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2013-2236\",\n \"CVE-2016-1245\",\n \"CVE-2016-2342\",\n \"CVE-2016-4049\",\n \"CVE-2017-5495\"\n );\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : quagga Multiple Vulnerabilities (NS-SA-2019-0101)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has quagga packages installed that are affected by multiple\nvulnerabilities:\n\n - A denial of service flaw affecting various daemons in\n Quagga was found. A remote attacker could use this flaw\n to cause the various Quagga daemons, which expose their\n telnet interface, to crash. (CVE-2017-5495)\n\n - A stack-based buffer overflow flaw was found in the way\n Quagga handled IPv6 router advertisement messages. A\n remote attacker could use this flaw to crash the zebra\n daemon resulting in denial of service. (CVE-2016-1245)\n\n - A denial of service flaw was found in the Quagga BGP\n routing daemon (bgpd). Under certain circumstances, a\n remote attacker could send a crafted packet to crash the\n bgpd daemon resulting in denial of service.\n (CVE-2016-4049)\n\n - A stack-based buffer overflow flaw was found in the way\n the Quagga BGP routing daemon (bgpd) handled Labeled-VPN\n SAFI routes data. A remote attacker could use this flaw\n to crash the bgpd daemon resulting in denial of service.\n (CVE-2016-2342)\n\n - A stack-based buffer overflow flaw was found in the way\n the Quagga OSPFD daemon handled LSA (link-state\n advertisement) packets. A remote attacker could use this\n flaw to crash the ospfd daemon resulting in denial of\n service. (CVE-2013-2236)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0101\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL quagga packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-2342\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-1245\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.05\": [\n \"quagga-0.99.15-14.el6\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:49", "description": "\n\nCERT reports:\n\nThe ospfd implementation of OSPF in Quagga allows a remote\n\t attacker (on a local network segment with OSPF enabled) to cause\n\t a denial of service (daemon aborts due to an assert) with a\n\t malformed OSPF LS-Update message.\nThe ospfd implementation of OSPF in Quagga allows a remote\n\t attacker (on a local network segment with OSPF enabled) to cause\n\t a denial of service (daemon crash) with a malformed OSPF Network-\n\t LSA message.\nThe bgpd implementation of BGP in Quagga allows remote attackers\n\t to cause a denial of service (daemon aborts due to an assert) via\n\t BGP Open message with an invalid AS4 capability.\n\n\n", "cvss3": {}, "published": "2012-03-23T00:00:00", "type": "freebsd", "title": "quagga -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-03-26T00:00:00", "id": "42A2C82A-75B9-11E1-89B4-001EC9578670", "href": "https://vuxml.freebsd.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-19T16:03:49", "description": "\n\nCERT reports:\n\nIf a pre-configured BGP peer sends a specially-crafted OPEN\n\t message with a malformed ORF capability TLV, Quagga bgpd process\n\t will erroneously try to consume extra bytes from the input packet\n\t buffer. The process will detect a buffer overrun attempt before\n\t it happens and immediately terminate with an error message. All\n\t BGP sessions established by the attacked router will be closed\n\t and its BGP routing disrupted.\n\n\n", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "freebsd", "title": "quagga -- BGP OPEN denial of service vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-04T00:00:00", "id": "1E14D46F-AF1F-11E1-B242-00215AF774F0", "href": "https://vuxml.freebsd.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2021-09-28T17:50:52", "description": "### Overview\n\nQuagga, a routing software suite, contains multiple vulnerabilities that result in a denial-of-service condition.\n\n### Description\n\nQuagga 0.99.20 and previous versions are susceptible to various denial-of-service conditions. The Quagga advisories state the following:\n\n**_CVE-2012-0249_****_: _****_E_****_rror in OSPF parsing LS-Update messages Can Cause a Crash of Quagga ospfd_** \n_The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon aborts due to an assert) with a malformed OSPF LS-Update message._ \n \n_Program Impacted: Quagga (ospfd)_ \n \n_Description:_ \n_OSPFv2 implementation in Quagga version 0.99.20 and before does not perform a proper length check for a received LS-Update OSPF packet. A received packet, which has actually less bytes, than it is declared in its header, causes a buffer overflow, which immediately leads to a crash of OSPF protocol process and subsequent disruption of IPv4 routing._ \n \n_Like many other OSPF cases, exploiting this vulnerability requires an ability to form an OSPF adjacency with the attacked OSPF router and initiate a database exchange process with it. Usual OSPF security precautions (including MD5 authentication) may lower the risk of such event. Upgrading to a patched version of Quagga is recommended regardless of any other measures taken._ \n \n**_CVE-2012-0250: Error in OSPF parsing Network-LSA messages Can Cause a Crash of Quagga ospfd_** \n_The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon crash) with a malformed OSPF Network-LSA message._ \n \n_Program Impacted: Quagga (ospfd)_ \n \n_Description:_ \n_OSPFv2 implementation in Quagga version 0.99.20 and before does not perform a proper length check of the Network-LSA structures contained in an LS-Update OSPF packet. When an otherwise correct LS-Update OSPF packet contains a Network-LSA structure, which has its \"Length\" header field set to value bigger than the actual number of bytes in the buffer, a buffer overflow happens. This immediately leads to a crash of OSPF protocol process and subsequent disruption of IPv4 routing._ \n \n_Like many other OSPF cases, exploiting this vulnerability requires an ability to form an OSPF adjacency with the attacked OSPF router and initiate a database exchange process with it. Usual OSPF security precautions (including MD5 authentication) may lower the risk of such event. Upgrading to a patched version of Quagga is recommended regardless of any other measures taken._ \n \n**_CVE-2012-0255: Error in BGP OPEN Message parsing Can Cause a Crash of Quagga bgpd_** \n_The bgpd implementation of BGP in Quagga up to (and including) 0.99.20 allows remote attackers to cause a denial of service (daemon aborts due to an assert) via BGP Open message with an invalid AS4 capability._ \n \n_Program Impacted: Quagga (bgpd)_ \n \n_Description:_ \n_BGP implementation in Quagga version 0.99.20 and before contains an error in processing malformed AS4 capability in the BGP OPEN message which leads to a abort (daemon aborts due to an assert) of the BGP protocol process and subsequent disruption of IP routing. When an OPEN with a malformed AS4 capability message is detected, the code fails to flush the message buffers for the peer. When the peer next connects and sends a message, the code will attempt to parse the stale, half-consumed data in the message buffer as it were a fresh BGP message. This leads to an assert and exit of the BGP daemon in the BGP OPEN message parsing code._ \n \n_The vulnerability is not restricted to BGP neighbors with 4-byte AS but can only be done from any configured peers (or sources spoofing the IP of a configured peer). The potential exists for this condition to be intentionally triggered, resulting in effective denial of service by crashing the BGPd. Usual BGP security precautions (including BGP MD5 authentication) may lower the risk of such event._ \n \n--- \n \n### Impact\n\nA remote attacker may be able to cause a denial-of-service condition. \n \n--- \n \n### Solution\n\n**Apply an Update** \n \nUpgrade to [Quagga 0.99.20.1](<http://download.savannah.gnu.org/releases/quagga/>) either through the GIT master version or by applying a patch. \n \n--- \n \nFor CVE-2012-0255, the following workaround exists: Shutdown sessions to any peers you can not trust, or where you can not ensure the security of the control-plane. \n \n--- \n \n### Vendor Information\n\n551715\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Quagga Affected\n\nNotified: March 07, 2012 Updated: March 21, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Not Affected\n\nNotified: March 13, 2012 Updated: March 15, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Infoblox Not Affected\n\nNotified: March 13, 2012 Updated: March 28, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Debian GNU/Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### FreeBSD Project Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Google Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva S. A. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Red Hat, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SafeNet Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 27 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 6.1 | AV:A/AC:L/Au:N/C:N/I:N/A:C \nTemporal | 4.8 | E:POC/RL:OF/RC:C \nEnvironmental | 4.8 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * <http://www.nongnu.org/quagga/>\n * <https://bugzilla.quagga.net/show_bug.cgi?id=705>\n\n### Acknowledgements\n\nThanks to Martin Winter at OpenSourceRouting.org for reporting these vulnerabilities, MU Dynamics for their sponsorship of the protocol fuzzer which uncovered these issues, and Denis Ovsienko & Paul Jakma for fixing the issues.\n\nThis document was written by Jared Allar.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2012-0249](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0249>), [CVE-2012-0250](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0250>), [CVE-2012-0255](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0255>) \n---|--- \n**Severity Metric:** | 1.50 \n**Date Public:** | 2012-03-23 \n**Date First Published:** | 2012-03-23 \n**Date Last Updated: ** | 2012-03-28 12:09 UTC \n**Document Revision: ** | 43 \n", "cvss3": {}, "published": "2012-03-23T00:00:00", "type": "cert", "title": "Quagga contains multiple vulnerabilities", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-03-28T12:09:00", "id": "VU:551715", "href": "https://www.kb.cert.org/vuls/id/551715", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-28T17:50:49", "description": "### Overview\n\nQuagga, a routing software suite, contains a BGP OPEN vulnerability that result in a denial-of-service condition.\n\n### Description\n\nCVE-2012-1820: Quagga version 0.99.20.1 and before contains a bug in BGP OPEN message handling. \n\n\n_Program Impacted: bgpd: fix DoS in bgp_capability_orf() \n \nDescription:_ \n_If a pre-configured BGP peer sends a specially-crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer. The process will detect a buffer overrun attempt before it happens and immediately terminate with an error message. All BGP sessions established by the attacked router will be closed and its BGP routing disrupted._ \n \n_An ORF (code 3) capability TLV is defined to contain exactly one AFI/SAFI block. Function bgp_capability_orf(), which parses ORF capability TLV, uses do-while cycle to call its helper function bgp_capability_orf_entry(), which actually processes the AFI/SAFI data block. The call is made at least once and repeated as long as the input buffer has enough data for the next call. \n \nThe helper function, bgp_capability_orf_entry(), uses \"Number of ORFs\" field of the provided AFI/SAFI block to verify, if it fits the input buffer. However, the check is made based on the total length of the ORF TLV regardless of the data already consumed by the previous helper function call(s). This way, the check condition is only valid for the first AFI/SAFI block inside an ORF capability TLV._ \n_ \nFor the subsequent calls of the helper function, if any are made, the check condition may erroneously tell, that the current \"Number of ORFs\" field fits the buffer boundary, where in fact it does not. This makes it possible to trigger an assertion by feeding an OPEN message with a specially-crafted malformed ORF capability TLV._ \n \n \n--- \n \n### Impact\n\nA denial-of-service condition can be caused by an attacker controlling one of the pre-configured BGP peers. In most cases this means, that the attack must be originated from an adjacent network. \n \n--- \n \n### Solution\n\nWe are currently unaware of a practical solution to this problem. \n \n--- \n \n### Vendor Information\n\n962587\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Debian GNU/Linux Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Infoblox Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Not Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Google Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva S. A. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Red Hat, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SafeNet Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vyatta Unknown\n\nNotified: May 11, 2012 Updated: May 11, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 24 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 5.5 | AV:A/AC:L/Au:S/C:N/I:N/A:C \nTemporal | 4.5 | E:F/RL:OF/RC:C \nEnvironmental | 5 | CDP:L/TD:H/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n<http://www.nongnu.org/quagga/>\n\n### Acknowledgements\n\nThanks to Denis Ovsienko for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2012-1820](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-1820>) \n---|--- \n**Date Public:** | 2012-06-03 \n**Date First Published:** | 2012-06-04 \n**Date Last Updated: ** | 2012-06-11 14:04 UTC \n**Document Revision: ** | 13 \n", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "cert", "title": "Quagga BGP OPEN denial of service vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-11T14:04:00", "id": "VU:962587", "href": "https://www.kb.cert.org/vuls/id/962587", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2021-10-21T23:57:32", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2459-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nApril 26, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-0249 CVE-2012-0250 CVE-2012-0255\n\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\n\tA buffer overflow in the ospf_ls_upd_list_lsa function in the\n\tOSPFv2 implementation allows remote attackers to cause a\n\tdenial of service (assertion failure and daemon exit) via a\n\tLink State Update (aka LS Update) packet that is smaller than\n\tthe length specified in its header.\n\nCVE-2012-0250\n\tA buffer overflow in the OSPFv2 implementation allows remote\n\tattackers to cause a denial of service (daemon crash) via a\n\tLink State Update (aka LS Update) packet containing a\n\tnetwork-LSA link-state advertisement for which the\n\tdata-structure length is smaller than the value in the Length\n\theader field.\n\nCVE-2012-0255\n\tThe BGP implementation does not properly use message buffers\n\tfor OPEN messages, which allows remote attackers impersonating\n\ta configured BGP peer to cause a denial of service (assertion\n\tfailure and daemon exit) via a message associated with a\n\tmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\nWe recommend that you upgrade your quagga packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-04-26T05:56:28", "type": "debian", "title": "[SECURITY] [DSA 2459-1] quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-26T05:56:28", "id": "DEBIAN:DSA-2459-1:6BDF4", "href": "https://lists.debian.org/debian-security-announce/2012/msg00092.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T23:51:04", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2497-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJune 20, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-1820\nDebian Bug : 676510\n\nIt was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\nWe recommend that you upgrade your quagga packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-06-20T20:30:09", "type": "debian", "title": "[SECURITY] [DSA 2497-1] quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-20T20:30:09", "id": "DEBIAN:DSA-2497-1:C0241", "href": "https://lists.debian.org/debian-security-announce/2012/msg00137.html", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T23:25:35", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2803-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nNovember 26, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2236 CVE-2013-6051\nDebian Bug : 730513 726724\n\nMultiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP \nrouting daemon:\n\nCVE-2013-2236\n\n A buffer overflow was found in the OSPF API-server (exporting the LSDB \n and allowing announcement of Opaque-LSAs).\n\nCVE-2013-6051\n\n bgpd could be crashed through BGP updates. This only affects Wheezy/stable.\n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 0.99.20.1-0+squeeze5.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 0.99.22.4-1+wheezy1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.99.22.4-1.\n\nWe recommend that you upgrade your quagga packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-11-26T16:13:10", "type": "debian", "title": "[SECURITY] [DSA 2803-1] quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236", "CVE-2013-6051"], "modified": "2013-11-26T16:13:10", "id": "DEBIAN:DSA-2803-1:52CB4", "href": "https://lists.debian.org/debian-security-announce/2013/msg00217.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-20T03:07:24", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: quagga-0.99.20.1-1.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-20T03:07:24", "id": "FEDORA:520CC20C2F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XCM4W7KJMKLEEFZXGPD3I4TQOUDRPRW2/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-22T03:43:44", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: quagga-0.99.20.1-1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-22T03:43:44", "id": "FEDORA:2C9CC214AD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WYTH7OITP6TDAWBVWEF526S5HJIY5PXM/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-22T03:48:42", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: quagga-0.99.20.1-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-22T03:48:42", "id": "FEDORA:339B620DE9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HXFGW4KRPATLU26PXXSVAGM63RLYZ57I/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is free software that operates TCP/IP-based routing protocols. It ta kes a multi-server and multi-threaded approach to resolving the current complex ity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T14:55:47", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: quagga-0.99.21-2.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-19T14:55:47", "id": "FEDORA:DF7CB20842", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QPKVHLYKPWKPX5KUUQHVRL5F35WSSKCU/", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is free software that operates TCP/IP-based routing protocols. It ta kes a multi-server and multi-threaded approach to resolving the current complex ity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T15:07:44", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: quagga-0.99.21-2.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-19T15:07:44", "id": "FEDORA:B7DAD209CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/66J7PDKMF4UY477NIZWZW5Y6NOLKGZN6/", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T15:02:10", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: quagga-0.99.20.1-2.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2012-1820"], "modified": "2012-06-19T15:02:10", "id": "FEDORA:CF10E20C82", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4MC4MKME2QCNBNC7MICTNKJJYDTJHOOI/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T13:05:48", "description": "It was discovered that Quagga incorrectly handled Link State Update \nmessages with invalid lengths. A remote attacker could use this flaw to \ncause Quagga to crash, resulting in a denial of service. (CVE-2012-0249, \nCVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a malformed \nFour-octet AS Number Capability. A remote attacker could use this flaw to \ncause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\n", "cvss3": {}, "published": "2012-05-15T00:00:00", "type": "ubuntu", "title": "Quagga vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250", "CVE-2012-0249", "CVE-2012-0255"], "modified": "2012-05-15T00:00:00", "id": "USN-1441-1", "href": "https://ubuntu.com/security/notices/USN-1441-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-04T13:02:23", "description": "It was discovered that Quagga incorrectly handled certain malformed \nmessages. A remote attacker could use this flaw to cause Quagga to crash, \nresulting in a denial of service.\n", "cvss3": {}, "published": "2012-10-11T00:00:00", "type": "ubuntu", "title": "Quagga vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-10-11T00:00:00", "id": "USN-1605-1", "href": "https://ubuntu.com/security/notices/USN-1605-1", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-04T12:29:14", "description": "Kostya Kortchinsky discovered that Quagga incorrectly handled certain route \ndata when configured with BGP peers enabled for VPNv4. A remote attacker \ncould use this issue to cause Quagga to crash, resulting in a denial of \nservice, or possibly execute arbitrary code. (CVE-2016-2342)\n\nIt was discovered that Quagga incorrectly handled messages with a large \nLSA when used in certain configurations. A remote attacker could use this \nissue to cause Quagga to crash, resulting in a denial of service. This \nissue only affected Ubuntu 12.04 LTS. (CVE-2013-2236)\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-24T00:00:00", "type": "ubuntu", "title": "Quagga vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236", "CVE-2016-2342"], "modified": "2016-03-24T00:00:00", "id": "USN-2941-1", "href": "https://ubuntu.com/security/notices/USN-2941-1", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-08-10T07:09:26", "description": "\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n\n* [CVE-2012-0249](https://security-tracker.debian.org/tracker/CVE-2012-0249)\nA buffer overflow in the ospf\\_ls\\_upd\\_list\\_lsa function in the\n OSPFv2 implementation allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) via a\n Link State Update (aka LS Update) packet that is smaller than\n the length specified in its header.\n* [CVE-2012-0250](https://security-tracker.debian.org/tracker/CVE-2012-0250)\nA buffer overflow in the OSPFv2 implementation allows remote\n attackers to cause a denial of service (daemon crash) via a\n Link State Update (aka LS Update) packet containing a\n network-LSA link-state advertisement for which the\n data-structure length is smaller than the value in the Length\n header field.\n* [CVE-2012-0255](https://security-tracker.debian.org/tracker/CVE-2012-0255)\nThe BGP implementation does not properly use message buffers\n for OPEN messages, which allows remote attackers impersonating\n a configured BGP peer to cause a denial of service (assertion\n failure and daemon exit) via a message associated with a\n malformed AS4 capability.\n\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "osv", "title": "quagga - regression", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2022-08-10T07:08:53", "id": "OSV:DSA-2459-2", "href": "https://osv.dev/vulnerability/DSA-2459-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:09:27", "description": "\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n\n* [CVE-2012-0249](https://security-tracker.debian.org/tracker/CVE-2012-0249)\nA buffer overflow in the ospf\\_ls\\_upd\\_list\\_lsa function in the\n OSPFv2 implementation allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) via a\n Link State Update (aka LS Update) packet that is smaller than\n the length specified in its header.\n* [CVE-2012-0250](https://security-tracker.debian.org/tracker/CVE-2012-0250)\nA buffer overflow in the OSPFv2 implementation allows remote\n attackers to cause a denial of service (daemon crash) via a\n Link State Update (aka LS Update) packet containing a\n network-LSA link-state advertisement for which the\n data-structure length is smaller than the value in the Length\n header field.\n* [CVE-2012-0255](https://security-tracker.debian.org/tracker/CVE-2012-0255)\nThe BGP implementation does not properly use message buffers\n for OPEN messages, which allows remote attackers impersonating\n a configured BGP peer to cause a denial of service (assertion\n failure and daemon exit) via a message associated with a\n malformed AS4 capability.\n\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "osv", "title": "quagga - several", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2022-08-10T07:08:53", "id": "OSV:DSA-2459-1", "href": "https://osv.dev/vulnerability/DSA-2459-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-21T08:30:44", "description": "\nIt was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-06-20T00:00:00", "type": "osv", "title": "quagga - denial of service", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2022-07-21T05:47:44", "id": "OSV:DSA-2497-1", "href": "https://osv.dev/vulnerability/DSA-2497-1", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:08:22", "description": "\nMultiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP \nrouting daemon:\n\n\n* [CVE-2013-2236](https://security-tracker.debian.org/tracker/CVE-2013-2236)\nA buffer overflow was found in the OSPF API-server (exporting the LSDB \n and allowing announcement of Opaque-LSAs).\n* [CVE-2013-6051](https://security-tracker.debian.org/tracker/CVE-2013-6051)\nbgpd could be crashed through BGP updates. This only affects Wheezy/stable.\n\n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 0.99.20.1-0+squeeze5.\n\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 0.99.22.4-1+wheezy1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.99.22.4-1.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2013-11-26T00:00:00", "type": "osv", "title": "quagga - several", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236", "CVE-2013-6051"], "modified": "2022-08-10T07:08:04", "id": "OSV:DSA-2803-1", "href": "https://osv.dev/vulnerability/DSA-2803-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-19T18:38:49", "description": "Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN\nmessages. A configured BGP peer could cause bgpd on a target system to\nabort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\nCVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\nCVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\nTaimisto of the Codenomicon CROSS project as the original reporters of\nCVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\nCVE-2011-3326. The CERT/CC acknowledges Martin Winter at\nOpenSourceRouting.org as the original reporter of CVE-2012-0249,\nCVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original\nreporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "redhat", "title": "(RHSA-2012:1259) Moderate: quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2018-06-06T16:24:34", "id": "RHSA-2012:1259", "href": "https://access.redhat.com/errata/RHSA-2012:1259", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:42:43", "description": "Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A configured\nBGP peer could crash bgpd on a target system via a specially-crafted BGP\nmessage. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\nproject as the original reporters of CVE-2011-3327, CVE-2011-3323,\nCVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\nMartin Winter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "redhat", "title": "(RHSA-2012:1258) Moderate: quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2017-09-08T07:54:37", "id": "RHSA-2012:1258", "href": "https://access.redhat.com/errata/RHSA-2012:1258", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:00", "description": "The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es):\n\n* A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. (CVE-2016-1245)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. (CVE-2016-2342)\n\n* A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service. (CVE-2016-4049)\n\n* A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose their telnet interface, to crash. (CVE-2017-5495)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service. (CVE-2013-2236)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-21T06:17:51", "type": "redhat", "title": "(RHSA-2017:0794) Moderate: quagga security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2018-06-07T14:23:16", "id": "RHSA-2017:0794", "href": "https://access.redhat.com/errata/RHSA-2017:0794", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2022-02-27T11:55:22", "description": "**CentOS Errata and Security Advisory** CESA-2012:1259\n\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN\nmessages. A configured BGP peer could cause bgpd on a target system to\nabort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\nCVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\nCVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\nTaimisto of the Codenomicon CROSS project as the original reporters of\nCVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\nCVE-2011-3326. The CERT/CC acknowledges Martin Winter at\nOpenSourceRouting.org as the original reporter of CVE-2012-0249,\nCVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original\nreporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-September/055787.html\n\n**Affected packages:**\nquagga\nquagga-contrib\nquagga-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1259", "cvss3": {}, "published": "2012-09-12T23:23:05", "type": "centos", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2012-09-12T23:23:05", "id": "CESA-2012:1259", "href": "https://lists.centos.org/pipermail/centos-announce/2012-September/055787.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T11:55:22", "description": "**CentOS Errata and Security Advisory** CESA-2012:1258\n\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A configured\nBGP peer could crash bgpd on a target system via a specially-crafted BGP\nmessage. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\nproject as the original reporters of CVE-2011-3327, CVE-2011-3323,\nCVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\nMartin Winter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-September/055785.html\n\n**Affected packages:**\nquagga\nquagga-contrib\nquagga-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1258", "cvss3": {}, "published": "2012-09-12T21:45:33", "type": "centos", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2012-09-12T21:45:33", "id": "CESA-2012:1258", "href": "https://lists.centos.org/pipermail/centos-announce/2012-September/055785.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T16:06:20", "description": "**CentOS Errata and Security Advisory** CESA-2017:0794\n\n\nThe quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es):\n\n* A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. (CVE-2016-1245)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. (CVE-2016-2342)\n\n* A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service. (CVE-2016-4049)\n\n* A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose their telnet interface, to crash. (CVE-2017-5495)\n\n* A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service. (CVE-2013-2236)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-March/016807.html\n\n**Affected packages:**\nquagga\nquagga-contrib\nquagga-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2017:0794", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-24T15:42:29", "type": "centos", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2017-03-24T15:42:29", "id": "CESA-2017:0794", "href": "https://lists.centos.org/pipermail/centos-cr-announce/2017-March/016807.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:44", "description": "Multiple memory corruptions on OSPF and BGP packets parsing.", "edition": 1, "cvss3": {}, "published": "2011-10-10T00:00:00", "title": "quagga route daemon multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2011-10-10T00:00:00", "id": "SECURITYVULNS:VULN:11957", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11957", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:53", "description": "OSPF parsing buffer overflow, BGP DoS.", "edition": 1, "cvss3": {}, "published": "2013-12-01T00:00:00", "title": "quagga security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6051", "CVE-2013-2236"], "modified": "2013-12-01T00:00:00", "id": "SECURITYVULNS:VULN:13436", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13436", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:49", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2803-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nNovember 26, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : quagga\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2013-2236 CVE-2013-6051\r\nDebian Bug : 730513 726724\r\n\r\nMultiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP \r\nrouting daemon:\r\n\r\nCVE-2013-2236\r\n\r\n A buffer overflow was found in the OSPF API-server (exporting the LSDB \r\n and allowing announcement of Opaque-LSAs).\r\n\r\nCVE-2013-6051\r\n\r\n bgpd could be crashed through BGP updates. This only affects Wheezy/stable.\r\n\r\nFor the oldstable distribution (squeeze), these problems have been fixed in\r\nversion 0.99.20.1-0+squeeze5.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 0.99.22.4-1+wheezy1.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 0.99.22.4-1.\r\n\r\nWe recommend that you upgrade your quagga packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.15 (GNU/Linux)\r\n\r\niEYEARECAAYFAlKUyFsACgkQXm3vHE4uylouHQCeNCxgOv9G1tH64xIrkFeU4uii\r\nrvAAoIzFahZs7T2On3ppR7ivv3Q4YSuQ\r\n=6ZKz\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2013-12-01T00:00:00", "title": "[SECURITY] [DSA 2803-1] quagga security update", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6051", "CVE-2013-2236"], "modified": "2013-12-01T00:00:00", "id": "SECURITYVULNS:DOC:30043", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30043", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2021-07-30T06:24:35", "description": "[0.99.15-14]\n- Resolves: #1416013 - CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory\n[0.99.15-13]\n- fix path of ripd pid file (#842308)\n[0.99.15-12]\n- fix start() function in watchqugga initscript (#862826, #1208617)\n[0.99.15-11]\n- fix for CVE-2013-2236 (#1391918)\n- fix for CVE-2016-1245 (#1391914)\n- fix for CVE-2016-2342 (#1391916)\n- fix for CVE-2016-4049 (#1391919)\n[0.99.15-11]\n- ospf6d: Fix crash when '[no] ipv6 ospf6 advertise prefix-list' is in startup-config (#770731)\n[0.99.15-10]\n- add watchquagga initscript (#862826, #1208617)\n- remove pidfile when service is stopped (#842308)\n- use QCONFDIR correctly in initscripts (#839620)\n- include watchquagga and ospfclient manpages (#674862)\n[0.99.15-9]\n- improve fix for CVE-2011-3325\n[0.99.15-8]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0255\n- fix CVE-2012-0249 and CVE-2012-0250\n- fix CVE-2012-1820", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-27T00:00:00", "type": "oraclelinux", "title": "quagga security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2017-03-27T00:00:00", "id": "ELSA-2017-0794", "href": "http://linux.oracle.com/errata/ELSA-2017-0794.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:26", "description": "[0.99.15-7.2]\n- improve fix for CVE-2011-3325\n[0.99.15-7.1]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0255\n- fix CVE-2012-0249 and CVE-2012-0250\n- fix CVE-2012-1820\n[0.99.15-7]\n- Resolves: #684751 - CVE-2010-1674 CVE-2010-1675 quagga various flaws\n[0.99.15-6]\n- Resolves: #644832 - CVE-2010-2948 CVE-2010-2949 quagga various flaws", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "oraclelinux", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2010-2949", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2010-2948", "CVE-2010-1675", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2012-09-12T00:00:00", "id": "ELSA-2012-1259", "href": "http://linux.oracle.com/errata/ELSA-2012-1259.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:18", "description": "[0.98.6-7.1]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0249\n- fix CVE-2010-1674\n[0.98.6-7]\n- Resolves: #638628 - CVE-2007-4826 CVE-2010-2948 quagga: various flaws\n[0.98.6-6]\n- Resolves: #528583 - Missing declarations cause zebra to segfault", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "oraclelinux", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2007-4826", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2010-2948", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2012-09-12T00:00:00", "id": "ELSA-2012-1258", "href": "http://linux.oracle.com/errata/ELSA-2012-1258.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:23:39", "description": "Stack-based buffer overflow in the new_msg_lsa_change_notify function in\nthe OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when\n--enable-opaque-lsa and the -a command line option are used, allows remote\nattackers to cause a denial of service (crash) via a large LSA.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726724>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | requires --enable-opaque-lsa during the build (true for Ubuntu 10.04 LTS and higher) also requires starting ospfd with '-a'. ospfd is not enabled by default and the configuration in /etc/quagga/debian.conf does not include '-a'. Per upstream, normal protection measures (eg, packet filtering, listening on internal network, etc) would prevent this. Furthermore, it is difficult to exploit. Considering the above, downgrading to 'low'\n", "cvss3": {}, "published": "2013-10-23T00:00:00", "type": "ubuntucve", "title": "CVE-2013-2236", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236"], "modified": "2013-10-23T00:00:00", "id": "UB:CVE-2013-2236", "href": "https://ubuntu.com/security/CVE-2013-2236", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:29:56", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier\nallows remote attackers to cause a denial of service (assertion failure and\ndaemon exit) by leveraging a BGP peering relationship and sending a\nmalformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1820>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676510>\n * <https://bugs.launchpad.net/ubuntu/+source/quagga/+bug/1018052>\n", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "ubuntucve", "title": "CVE-2012-1820", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-13T00:00:00", "id": "UB:CVE-2012-1820", "href": "https://ubuntu.com/security/CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:30:31", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure length is\nsmaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0250", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0250", "href": "https://ubuntu.com/security/CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:30:31", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in\nthe OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote\nattackers to cause a denial of service (assertion failure and daemon exit)\nvia a Link State Update (aka LS Update) packet that is smaller than the\nlength specified in its header.\n\n#### Bugs\n\n * <https://bugzilla.quagga.net/show_bug.cgi?id=705>\n", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0249", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0249", "href": "https://ubuntu.com/security/CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:30:30", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly\nuse message buffers for OPEN messages, which allows remote attackers to\ncause a denial of service (assertion failure and daemon exit) via a message\nassociated with a malformed Four-octet AS Number Capability (aka AS4\ncapability).", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0255", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0255", "href": "https://ubuntu.com/security/CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-04T06:01:57", "description": "Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.", "cvss3": {}, "published": "2013-10-24T03:48:00", "type": "debiancve", "title": "CVE-2013-2236", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236"], "modified": "2013-10-24T03:48:00", "id": "DEBIANCVE:CVE-2013-2236", "href": "https://security-tracker.debian.org/tracker/CVE-2013-2236", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {}, "published": "2012-06-13T15:55:00", "type": "debiancve", "title": "CVE-2012-1820", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-13T15:55:00", "id": "DEBIANCVE:CVE-2012-1820", "href": "https://security-tracker.debian.org/tracker/CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0250", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0250", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0249", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0249", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0255", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0255", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated quagga packages fix security vulnerability: Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2 (CVE-2013-2236). Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality. \n", "cvss3": {}, "published": "2013-10-17T19:40:12", "type": "mageia", "title": "Updated quagga packages fix CVE-2013-2236\n", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236"], "modified": "2013-10-17T19:40:12", "id": "MGASA-2013-0310", "href": "https://advisories.mageia.org/MGASA-2013-0310.html", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:29:28", "description": "Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.", "cvss3": {}, "published": "2013-10-24T03:48:00", "type": "cve", "title": "CVE-2013-2236", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2236"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.99.22.1", "cpe:/a:quagga:quagga:0.99.22"], "id": "CVE-2013-2236", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2236", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.22:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.22.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:07:24", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {}, "published": "2012-06-13T15:55:00", "type": "cve", "title": "CVE-2012-1820", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2013-03-02T04:40:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.20.1", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-1820", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:35:33", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0250", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0250", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:36:06", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0249", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0249", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:35:40", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0255", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0255", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}], "amazon": [{"lastseen": "2021-07-25T19:33:31", "description": "**Issue Overview:**\n\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.\n\n \n**Affected Packages:** \n\n\nquagga\n\n \n**Issue Correction:** \nRun _yum update quagga_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 quagga-devel-0.99.20.1-1.5.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-debuginfo-0.99.20.1-1.5.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.5.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-contrib-0.99.20.1-1.5.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.5.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.5.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-debuginfo-0.99.20.1-1.5.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-devel-0.99.20.1-1.5.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-contrib-0.99.20.1-1.5.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2012-06-19T16:01:00", "type": "amazon", "title": "Low: quagga", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2014-09-14T16:37:00", "id": "ALAS-2012-090", "href": "https://alas.aws.amazon.com/ALAS-2012-90.html", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-25T19:33:42", "description": "**Issue Overview:**\n\nBuffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. \n\n \n**Affected Packages:** \n\n\nquagga\n\n \n**Issue Correction:** \nRun _yum update quagga_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 quagga-contrib-0.99.20.1-1.4.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.4.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-devel-0.99.20.1-1.4.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-debuginfo-0.99.20.1-1.4.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.4.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 quagga-contrib-0.99.20.1-1.4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-devel-0.99.20.1-1.4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-debuginfo-0.99.20.1-1.4.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2012-04-30T14:55:00", "type": "amazon", "title": "Medium: quagga", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2014-09-14T15:49:00", "id": "ALAS-2012-070", "href": "https://alas.aws.amazon.com/ALAS-2012-70.html", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}]}
GLSA-201310-08 : Quagga: Multiple vulnerabilities
