SuSE 11.1 Security Update : quagga (SAT Patch Number 6241)

2013-01-25T00:00:00

Description

This update of quagga fixes multiple security flaws that could have caused a Denial of Service via specially crafted packets. (CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255) Additionally, issues with service owned directories in combination with logrotate were fixed.

{"id": "SUSE_11_QUAGGA-120430.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "SuSE 11.1 Security Update : quagga (SAT Patch Number 6241)", "description": "This update of quagga fixes multiple security flaws that could have caused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination with logrotate were fixed.", "published": "2013-01-25T00:00:00", "modified": "2021-01-19T00:00:00", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/64222", "reporter": "This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.", "references": ["http://support.novell.com/security/cve/CVE-2012-0249.html", "https://bugzilla.novell.com/show_bug.cgi?id=752205", "https://bugzilla.novell.com/show_bug.cgi?id=677335", "http://support.novell.com/security/cve/CVE-2012-0250.html", "https://bugzilla.novell.com/show_bug.cgi?id=759081", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0249", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0255", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1820", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0250", "https://bugzilla.novell.com/show_bug.cgi?id=752206", "https://bugzilla.novell.com/show_bug.cgi?id=752204", "http://support.novell.com/security/cve/CVE-2012-0255.html", "http://support.novell.com/security/cve/CVE-2012-1820.html"], "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "immutableFields": [], "lastseen": "2021-08-19T12:56:00", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2012-070", "ALAS-2012-090"]}, {"type": "centos", "idList": ["CESA-2012:1258", "CESA-2012:1259"]}, {"type": "cert", "idList": ["VU:551715", "VU:962587"]}, {"type": "cve", "idList": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2459-1:6BDF4", "DEBIAN:DSA-2497-1:C0241"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-0249", "DEBIANCVE:CVE-2012-0250", "DEBIANCVE:CVE-2012-0255", "DEBIANCVE:CVE-2012-1820"]}, {"type": "fedora", "idList": ["FEDORA:2C9CC214AD", "FEDORA:339B620DE9", "FEDORA:520CC20C2F", "FEDORA:B7DAD209CA", "FEDORA:CF10E20C82", "FEDORA:DF7CB20842"]}, {"type": "freebsd", "idList": ["1E14D46F-AF1F-11E1-B242-00215AF774F0", "42A2C82A-75B9-11E1-89B4-001EC9578670"]}, {"type": "gentoo", "idList": ["GLSA-201310-08"]}, {"type": "nessus", "idList": ["ALA_ALAS-2012-70.NASL", "ALA_ALAS-2012-90.NASL", "CENTOS_RHSA-2012-1258.NASL", "CENTOS_RHSA-2012-1259.NASL", "DEBIAN_DSA-2459.NASL", "DEBIAN_DSA-2497.NASL", "FEDORA_2012-5352.NASL", "FEDORA_2012-5411.NASL", "FEDORA_2012-5436.NASL", "FEDORA_2012-9103.NASL", "FEDORA_2012-9116.NASL", "FEDORA_2012-9117.NASL", "FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL", "FREEBSD_PKG_42A2C82A75B911E189B4001EC9578670.NASL", "GENTOO_GLSA-201310-08.NASL", "MANDRIVA_MDVSA-2013-122.NASL", "ORACLELINUX_ELSA-2012-1258.NASL", "ORACLELINUX_ELSA-2012-1259.NASL", "QUAGGA_0_99_17.NASL", "QUAGGA_0_99_20_1.NASL", "QUAGGA_0_99_21.NASL", "REDHAT-RHSA-2012-1258.NASL", "REDHAT-RHSA-2012-1259.NASL", "SL_20120912_QUAGGA_ON_SL5_X.NASL", "SL_20120912_QUAGGA_ON_SL6_X.NASL", "SOLARIS11_QUAGGA_20120821.NASL", "SUSE_QUAGGA-8108.NASL", "UBUNTU_USN-1441-1.NASL", "UBUNTU_USN-1605-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120150", "OPENVAS:1361412562310120299", "OPENVAS:1361412562310121046", "OPENVAS:1361412562310123824", "OPENVAS:1361412562310123825", "OPENVAS:136141256231071263", "OPENVAS:136141256231071290", "OPENVAS:136141256231071476", "OPENVAS:136141256231071542", "OPENVAS:1361412562310841005", "OPENVAS:1361412562310841186", "OPENVAS:1361412562310864166", "OPENVAS:1361412562310864169", "OPENVAS:1361412562310864412", "OPENVAS:1361412562310864480", "OPENVAS:1361412562310864485", "OPENVAS:1361412562310864486", "OPENVAS:1361412562310870828", "OPENVAS:1361412562310870833", "OPENVAS:1361412562310881497", "OPENVAS:1361412562310881499", "OPENVAS:71263", "OPENVAS:71290", "OPENVAS:71476", "OPENVAS:71542", "OPENVAS:841005", "OPENVAS:841186", "OPENVAS:864166", "OPENVAS:864169", "OPENVAS:864412", "OPENVAS:864480", "OPENVAS:864485", "OPENVAS:864486", "OPENVAS:870828", "OPENVAS:870833", "OPENVAS:881497", "OPENVAS:881499"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1258", "ELSA-2012-1259", "ELSA-2017-0794"]}, {"type": "osv", "idList": ["OSV:DSA-2459-1", "OSV:DSA-2459-2", "OSV:DSA-2497-1"]}, {"type": "redhat", "idList": ["RHSA-2012:1258", "RHSA-2012:1259"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11957"]}, {"type": "ubuntu", "idList": ["USN-1441-1", "USN-1605-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-0249", "UB:CVE-2012-0250", "UB:CVE-2012-0255", "UB:CVE-2012-1820"]}]}, "score": {"value": -0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2012-070"]}, {"type": "centos", "idList": ["CESA-2012:1258", "CESA-2012:1259"]}, {"type": "cert", "idList": ["VU:551715"]}, {"type": "cve", "idList": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2497-1:C0241"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-0249"]}, {"type": "fedora", "idList": ["FEDORA:DF7CB20842"]}, {"type": "freebsd", "idList": ["1E14D46F-AF1F-11E1-B242-00215AF774F0", "42A2C82A-75B9-11E1-89B4-001EC9578670"]}, {"type": "gentoo", "idList": ["GLSA-201310-08"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/GENTOO-LINUX-CVE-2012-0249/"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL", "UBUNTU_USN-1441-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107444", "OPENVAS:1361412562310120299", "OPENVAS:1361412562310870828", "OPENVAS:864166"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1258"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11957"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-1820"]}]}, "exploitation": null, "vulnersScore": -0.3}, "pluginID": "64222", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64222);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"SuSE 11.1 Security Update : quagga (SAT Patch Number 6241)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of quagga fixes multiple security flaws that could have\ncaused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination\nwith logrotate were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0249.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0250.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0255.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1820.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6241.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"quagga-0.99.15-0.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:suse_linux:11:quagga", "cpe:/o:novell:suse_linux:11"], "solution": "Apply SAT patch number 6241.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.6"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2012-04-30T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1660004461, "score": 1659821600}, "_internal": {"score_hash": "079bb60c6c4ba7864e4301f6dc14ccdd"}}

{"nessus": [{"lastseen": "2021-08-19T12:58:19", "description": "This update of quagga fixes multiple security flaws that could have caused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination with logrotate were fixed.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-07T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : quagga (ZYPP Patch Number 8108)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_QUAGGA-8108.NASL", "href": "https://www.tenable.com/plugins/nessus/59393", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59393);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"SuSE 10 Security Update : quagga (ZYPP Patch Number 8108)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of quagga fixes multiple security flaws that could have\ncaused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination\nwith logrotate were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0249.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0250.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0255.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1820.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8108.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"quagga-0.99.9-14.15.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"quagga-devel-0.99.9-14.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:52:27", "description": "The remote host is affected by the vulnerability described in GLSA-201310-08 (Quagga: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker may be able to cause arbitrary code execution or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2013-10-11T00:00:00", "type": "nessus", "title": "GLSA-201310-08 : Quagga: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:quagga", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201310-08.NASL", "href": "https://www.tenable.com/plugins/nessus/70381", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201310-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70381);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\", \"CVE-2013-2236\");\n script_bugtraq_id(52531, 53775, 60955);\n script_xref(name:\"GLSA\", value:\"201310-08\");\n\n script_name(english:\"GLSA-201310-08 : Quagga: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201310-08\n(Quagga: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Quagga. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to cause arbitrary code execution or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201310-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Quagga users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/quagga-0.99.22.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/quagga\", unaffected:make_list(\"ge 0.99.22.4\"), vulnerable:make_list(\"lt 0.99.22.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:47:14", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. (CVE-2012-0248)\n\n - Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.\n (CVE-2012-0249)\n\n - Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. (CVE-2012-0250)\n\n - The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). (CVE-2012-0255)\n\n - The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message. (CVE-2012-1820)", "cvss3": {"score": null, "vector": null}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : quagga (cve_2012_1820_denial_of)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0248", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:quagga"], "id": "SOLARIS11_QUAGGA_20120821.NASL", "href": "https://www.tenable.com/plugins/nessus/80752", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80752);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0248\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : quagga (cve_2012_1820_denial_of)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - ImageMagick 6.7.5-7 and earlier allows remote attackers\n to cause a denial of service (infinite loop and hang)\n via a crafted image whose IFD contains IOP tags that all\n reference the beginning of the IDF. (CVE-2012-0248)\n\n - Buffer overflow in the ospf_ls_upd_list_lsa function in\n ospf_packet.c in the OSPFv2 implementation in ospfd in\n Quagga before 0.99.20.1 allows remote attackers to cause\n a denial of service (assertion failure and daemon exit)\n via a Link State Update (aka LS Update) packet that is\n smaller than the length specified in its header.\n (CVE-2012-0249)\n\n - Buffer overflow in the OSPFv2 implementation in ospfd in\n Quagga before 0.99.20.1 allows remote attackers to cause\n a denial of service (daemon crash) via a Link State\n Update (aka LS Update) packet containing a network-LSA\n link-state advertisement for which the data-structure\n length is smaller than the value in the Length header\n field. (CVE-2012-0250)\n\n - The BGP implementation in bgpd in Quagga before\n 0.99.20.1 does not properly use message buffers for OPEN\n messages, which allows remote attackers to cause a\n denial of service (assertion failure and daemon exit)\n via a message associated with a malformed Four-octet AS\n Number Capability (aka AS4 capability). (CVE-2012-0255)\n\n - The bgp_capability_orf function in bgpd in Quagga\n 0.99.20.1 and earlier allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) by\n leveraging a BGP peering relationship and sending a\n malformed Outbound Route Filtering (ORF) capability TLV\n in an OPEN message. (CVE-2012-1820)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2012-1820-denial-of-service-dos-vulnerability-in-quagga\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-quagga\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93e9a1eb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 10.5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:quagga\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^quagga$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.10.0.5.0\", sru:\"SRU 10.5a\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : quagga\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"quagga\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:43", "description": "CERT reports :\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon aborts due to an assert) with a malformed OSPF LS-Update message.\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon crash) with a malformed OSPF Network- LSA message.\n\nThe bgpd implementation of BGP in Quagga allows remote attackers to cause a denial of service (daemon aborts due to an assert) via BGP Open message with an invalid AS4 capability.", "cvss3": {"score": null, "vector": null}, "published": "2012-03-26T00:00:00", "type": "nessus", "title": "FreeBSD : quagga -- multiple vulnerabilities (42a2c82a-75b9-11e1-89b4-001ec9578670)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:quagga", "p-cpe:/a:freebsd:freebsd:quagga-re", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_42A2C82A75B911E189B4001EC9578670.NASL", "href": "https://www.tenable.com/plugins/nessus/58471", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58471);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_xref(name:\"CERT\", value:\"551715\");\n\n script_name(english:\"FreeBSD : quagga -- multiple vulnerabilities (42a2c82a-75b9-11e1-89b4-001ec9578670)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CERT reports :\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker\n(on a local network segment with OSPF enabled) to cause a denial of\nservice (daemon aborts due to an assert) with a malformed OSPF\nLS-Update message.\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker\n(on a local network segment with OSPF enabled) to cause a denial of\nservice (daemon crash) with a malformed OSPF Network- LSA message.\n\nThe bgpd implementation of BGP in Quagga allows remote attackers to\ncause a denial of service (daemon aborts due to an assert) via BGP\nOpen message with an invalid AS4 capability.\"\n );\n # https://vuxml.freebsd.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?14ac3939\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga-re\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"quagga<0.99.20.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"quagga-re<0.99.17.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:32", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-20T00:00:00", "type": "nessus", "title": "Fedora 17 : quagga-0.99.20.1-1.fc17 (2012-5352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-5352.NASL", "href": "https://www.tenable.com/plugins/nessus/58805", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5352.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58805);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_xref(name:\"FEDORA\", value:\"2012-5352\");\n\n script_name(english:\"Fedora 17 : quagga-0.99.20.1-1.fc17 (2012-5352)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54991e49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"quagga-0.99.20.1-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:33", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-23T00:00:00", "type": "nessus", "title": "Fedora 15 : quagga-0.99.20.1-1.fc15 (2012-5436)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-5436.NASL", "href": "https://www.tenable.com/plugins/nessus/58822", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5436.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58822);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"FEDORA\", value:\"2012-5436\");\n\n script_name(english:\"Fedora 15 : quagga-0.99.20.1-1.fc15 (2012-5436)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3476b3b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"quagga-0.99.20.1-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "According to its self-reported version number, the installation of Quagga listening on the remote host is affected by multiple vulnerabilities :\n\n - A buffer overflow vulnerability exists in OSPFD can be triggered by a specially crafted Link Status Update message that is smaller than the length specified in its header, leading to denial of service.\n (CVE-2012-0249)\n\n - A buffer overflow vulnerability in exists OSPFD can be triggered by a specially crafted Link Status Update message containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field, leading to denial of service. (CVE-2012-0250)\n\n - A denial of service vulnerability exists in BGPD that can be triggered by a specially crafted OPEN message with a malformed four-octet AS Number Capability.\n (CVE-2012-0250)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.20.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_20_1.NASL", "href": "https://www.tenable.com/plugins/nessus/59791", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59791);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/25 18:58:04\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"CERT\", value:\"551715\");\n\n script_name(english:\"Quagga < 0.99.20.1 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga listening on the remote host is affected by multiple\nvulnerabilities :\n\n - A buffer overflow vulnerability exists in OSPFD can be\n triggered by a specially crafted Link Status Update\n message that is smaller than the length specified in \n its header, leading to denial of service.\n (CVE-2012-0249)\n\n - A buffer overflow vulnerability in exists OSPFD can be\n triggered by a specially crafted Link Status Update\n message containing a network-LSA link-state\n advertisement for which the data-structure length is\n smaller than the value in the Length header field,\n leading to denial of service. (CVE-2012-0250)\n\n - A denial of service vulnerability exists in BGPD that \n can be triggered by a specially crafted OPEN message \n with a malformed four-octet AS Number Capability.\n (CVE-2012-0250)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.20.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.quagga.net/show_bug.cgi?id=705\");\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7151\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.quagga.net/download/quagga-0.99.20.1.changelog.txt\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.20.1\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:31", "description": "Several vulnerabilities have been discovered in Quagga, a routing daemon.\n\n - CVE-2012-0249 A buffer overflow in the ospf_ls_upd_list_lsa function in the OSPFv2 implementation allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.\n\n - CVE-2012-0250 A buffer overflow in the OSPFv2 implementation allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.\n\n - CVE-2012-0255 The BGP implementation does not properly use message buffers for OPEN messages, which allows remote attackers impersonating a configured BGP peer to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent upstream release. This release includes other corrections, such as hardening against unknown BGP path attributes.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-27T00:00:00", "type": "nessus", "title": "Debian DSA-2459-2 : quagga - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2459.NASL", "href": "https://www.tenable.com/plugins/nessus/58883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2459. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58883);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"DSA\", value:\"2459\");\n\n script_name(english:\"Debian DSA-2459-2 : quagga - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n - CVE-2012-0249\n A buffer overflow in the ospf_ls_upd_list_lsa function\n in the OSPFv2 implementation allows remote attackers to\n cause a denial of service (assertion failure and daemon\n exit) via a Link State Update (aka LS Update) packet\n that is smaller than the length specified in its header.\n\n - CVE-2012-0250\n A buffer overflow in the OSPFv2 implementation allows\n remote attackers to cause a denial of service (daemon\n crash) via a Link State Update (aka LS Update) packet\n containing a network-LSA link-state advertisement for\n which the data-structure length is smaller than the\n value in the Length header field.\n\n - CVE-2012-0255\n The BGP implementation does not properly use message\n buffers for OPEN messages, which allows remote attackers\n impersonating a configured BGP peer to cause a denial of\n service (assertion failure and daemon exit) via a\n message associated with a malformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2459\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"quagga\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-dbg\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-doc\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:33", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-23T00:00:00", "type": "nessus", "title": "Fedora 16 : quagga-0.99.20.1-1.fc16 (2012-5411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-5411.NASL", "href": "https://www.tenable.com/plugins/nessus/58819", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5411.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58819);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"FEDORA\", value:\"2012-5411\");\n\n script_name(english:\"Fedora 16 : quagga-0.99.20.1-1.fc16 (2012-5411)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f5ca7ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"quagga-0.99.20.1-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:31", "description": "It was discovered that Quagga incorrectly handled Link State Update messages with invalid lengths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0249, CVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a malformed Four-octet AS Number Capability. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0255).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-05-16T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerabilities (USN-1441-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1441-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1441-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59107);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"USN\", value:\"1441-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerabilities (USN-1441-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga incorrectly handled Link State Update\nmessages with invalid lengths. A remote attacker could use this flaw\nto cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0249, CVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a\nmalformed Four-octet AS Number Capability. A remote attacker could use\nthis flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0255).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1441-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.10.04.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.04.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.10.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.12.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:57:13", "description": "A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20120912)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:quagga", "p-cpe:/a:fermilab:scientific_linux:quagga-contrib", "p-cpe:/a:fermilab:scientific_linux:quagga-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120912_QUAGGA_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62095", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62095);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20120912)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d\ndaemons will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=1641\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b28b4689\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected quagga, quagga-contrib and / or quagga-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:34", "description": "From Red Hat Security Advisory 2012:1259 :\n\nUpdated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : quagga (ELSA-2012-1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:quagga", "p-cpe:/a:oracle:linux:quagga-contrib", "p-cpe:/a:oracle:linux:quagga-devel", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/68618", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1259 and \n# Oracle Linux Security Advisory ELSA-2012-1259 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68618);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(42635, 42642, 46942, 46943, 49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"Oracle Linux 6 : quagga (ELSA-2012-1259)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1259 :\n\nUpdated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:17", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "RHEL 6 : quagga (RHSA-2012:1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:quagga", "p-cpe:/a:redhat:enterprise_linux:quagga-contrib", "p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo", "p-cpe:/a:redhat:enterprise_linux:quagga-devel", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/62070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1259. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62070);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"RHEL 6 : quagga (RHSA-2012:1259)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0255\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1259\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"quagga-debuginfo-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:09", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "CentOS 6 : quagga (CESA-2012:1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:quagga", "p-cpe:/a:centos:centos:quagga-contrib", "p-cpe:/a:centos:centos:quagga-devel", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/62081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1259 and \n# CentOS Errata and Security Advisory 2012:1259 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62081);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"CentOS 6 : quagga (CESA-2012:1259)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d4761e3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:56:55", "description": "It was discovered that Quagga incorrectly handled certain malformed messages. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-10-12T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerability (USN-1605-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1605-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62512", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1605-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62512);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"USN\", value:\"1605-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerability (USN-1605-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga incorrectly handled certain malformed\nmessages. A remote attacker could use this flaw to cause Quagga to\ncrash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1605-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.10.04.3\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.04.3\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.10.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.12.04.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:55:14", "description": "Updated quagga package fixes security vulnerability :\n\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message (CVE-2012-1820).", "cvss3": {"score": null, "vector": null}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : quagga (MDVSA-2013:122)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64quagga-devel", "p-cpe:/a:mandriva:linux:lib64quagga0", "p-cpe:/a:mandriva:linux:quagga", "p-cpe:/a:mandriva:linux:quagga-contrib", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-122.NASL", "href": "https://www.tenable.com/plugins/nessus/66134", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:122. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66134);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"MDVSA\", value:\"2013:122\");\n script_xref(name:\"MGASA\", value:\"2012-0133\");\n\n script_name(english:\"Mandriva Linux Security Advisory : quagga (MDVSA-2013:122)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga package fixes security vulnerability :\n\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message (CVE-2012-1820).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64quagga0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64quagga-devel-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64quagga0-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"quagga-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"quagga-contrib-0.99.20.1-4.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-16T14:50:31", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : quagga (ALAS-2012-90)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:quagga", "p-cpe:/a:amazon:linux:quagga-contrib", "p-cpe:/a:amazon:linux:quagga-debuginfo", "p-cpe:/a:amazon:linux:quagga-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-90.NASL", "href": "https://www.tenable.com/plugins/nessus/69697", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-90.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69697);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"ALAS\", value:\"2012-90\");\n\n script_name(english:\"Amazon Linux AMI : quagga (ALAS-2012-90)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-90.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update quagga' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"quagga-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-contrib-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-debuginfo-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-devel-0.99.20.1-1.5.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:02", "description": "Update to the 0.99.21 which fixes various issues. In addition, this update fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 17 : quagga-0.99.21-2.fc17 (2012-9103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-9103.NASL", "href": "https://www.tenable.com/plugins/nessus/59577", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9103.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59577);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9103\");\n\n script_name(english:\"Fedora 17 : quagga-0.99.21-2.fc17 (2012-9103)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the 0.99.21 which fixes various issues. In addition, this\nupdate fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN\nmessage with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ceaed9ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"quagga-0.99.21-2.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:21", "description": "CERT reports :\n\nIf a pre-configured BGP peer sends a specially crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer.\nThe process will detect a buffer overrun attempt before it happens and immediately terminate with an error message. All BGP sessions established by the attacked router will be closed and its BGP routing disrupted.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-06T00:00:00", "type": "nessus", "title": "FreeBSD : quagga -- BGP OPEN denial of service vulnerability (1e14d46f-af1f-11e1-b242-00215af774f0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:quagga", "p-cpe:/a:freebsd:freebsd:quagga-re", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL", "href": "https://www.tenable.com/plugins/nessus/59380", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59380);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"CERT\", value:\"962587\");\n\n script_name(english:\"FreeBSD : quagga -- BGP OPEN denial of service vulnerability (1e14d46f-af1f-11e1-b242-00215af774f0)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CERT reports :\n\nIf a pre-configured BGP peer sends a specially crafted OPEN message\nwith a malformed ORF capability TLV, Quagga bgpd process will\nerroneously try to consume extra bytes from the input packet buffer.\nThe process will detect a buffer overrun attempt before it happens and\nimmediately terminate with an error message. All BGP sessions\nestablished by the attacked router will be closed and its BGP routing\ndisrupted.\"\n );\n # https://vuxml.freebsd.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7a7130fa\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga-re\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"quagga<=0.99.20.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"quagga-re<0.99.17.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:13", "description": "This update fixes CVE-2012-1820.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 15 : quagga-0.99.20.1-2.fc15 (2012-9117)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-9117.NASL", "href": "https://www.tenable.com/plugins/nessus/59579", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9117.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59579);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9117\");\n\n script_name(english:\"Fedora 15 : quagga-0.99.20.1-2.fc15 (2012-9117)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2012-1820.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94b7e00f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"quagga-0.99.20.1-2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:05", "description": "According to its self-reported version number, the installation of Quagga's BGP daemon listening on the remote host is affected by a denial of service vulnerability. Unauthenticated attackers on the local network can trigger this issue by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering capability TLV in an OPEN message.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.21 BGP Denial of Service Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_21.NASL", "href": "https://www.tenable.com/plugins/nessus/59792", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59792);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/25 18:58:04\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"CERT\", value:\"962587\");\n\n script_name(english:\"Quagga < 0.99.21 BGP Denial of Service Vulnerability\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga's BGP daemon listening on the remote host is affected by a\ndenial of service vulnerability. Unauthenticated attackers on the\nlocal network can trigger this issue by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering\ncapability TLV in an OPEN message.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.21 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7214\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.quagga.net/download/quagga-0.99.21.changelog.txt\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.21\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_note(port:port, extra:report);\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "Update to the 0.99.21 which fixes various issues. In addition, this update fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 16 : quagga-0.99.21-2.fc16 (2012-9116)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-9116.NASL", "href": "https://www.tenable.com/plugins/nessus/59578", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9116.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59578);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9116\");\n\n script_name(english:\"Fedora 16 : quagga-0.99.21-2.fc16 (2012-9116)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the 0.99.21 which fixes various issues. In addition, this\nupdate fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN\nmessage with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9edba5e9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"quagga-0.99.21-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "It was discovered that Quagga, a routing daemon, contains a vulnerability in processing the ORF capability in BGP OPEN messages. A malformed OPEN message from a previously configured BGP peer could cause bgpd to crash, causing a denial of service.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Debian DSA-2497-1 : quagga - denial of service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2497.NASL", "href": "https://www.tenable.com/plugins/nessus/59775", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2497. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59775);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"DSA\", value:\"2497\");\n\n script_name(english:\"Debian DSA-2497-1 : quagga - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages. A\nmalformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2497\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"quagga\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-dbg\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-doc\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-16T02:06:47", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : quagga (ALAS-2012-70)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:quagga", "p-cpe:/a:amazon:linux:quagga-contrib", "p-cpe:/a:amazon:linux:quagga-debuginfo", "p-cpe:/a:amazon:linux:quagga-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-70.NASL", "href": "https://www.tenable.com/plugins/nessus/69677", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-70.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69677);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0250\");\n script_xref(name:\"ALAS\", value:\"2012-70\");\n\n script_name(english:\"Amazon Linux AMI : quagga (ALAS-2012-70)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-70.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update quagga' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"quagga-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-contrib-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-debuginfo-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-devel-0.99.20.1-1.4.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:54:32", "description": "From Red Hat Security Advisory 2012:1258 :\n\nUpdated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : quagga (ELSA-2012-1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:quagga", "p-cpe:/a:oracle:linux:quagga-contrib", "p-cpe:/a:oracle:linux:quagga-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/68617", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1258 and \n# Oracle Linux Security Advisory ELSA-2012-1258 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68617);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(25634, 42635, 46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"Oracle Linux 5 : quagga (ELSA-2012-1258)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1258 :\n\nUpdated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003022.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:09", "description": "A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : quagga on SL5.x i386/x86_64 (20120912)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:quagga", "p-cpe:/a:fermilab:scientific_linux:quagga-contrib", "p-cpe:/a:fermilab:scientific_linux:quagga-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120912_QUAGGA_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62094", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62094);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n\n script_name(english:\"Scientific Linux Security Update : quagga on SL5.x i386/x86_64 (20120912)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d\ndaemons will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=1762\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?242862fd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected quagga, quagga-contrib and / or quagga-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:06", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "RHEL 5 : quagga (RHSA-2012:1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:quagga", "p-cpe:/a:redhat:enterprise_linux:quagga-contrib", "p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo", "p-cpe:/a:redhat:enterprise_linux:quagga-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/62069", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1258. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62069);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"RHEL 5 : quagga (RHSA-2012:1258)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1258\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0249\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1258\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"quagga-debuginfo-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:14", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "CentOS 5 : quagga (CESA-2012:1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:quagga", "p-cpe:/a:centos:centos:quagga-contrib", "p-cpe:/a:centos:centos:quagga-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/62066", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1258 and \n# CentOS Errata and Security Advisory 2012:1258 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62066);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"CentOS 5 : quagga (CESA-2012:1258)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d6e6aff\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:45:41", "description": "According to its self-reported version number, the installation of Quagga's BGPD listening on the remote host is affected by multiple vulnerabilities :\n\n - A stack-based buffer overflow vulnerability can be triggered by a specially crafted BGP ROUTE-REFRESH message with a malformed Outbound Route Filtering record sent by a pre-configured peer. (CVE-2010-2948)\n\n - A denial of service vulnerability in BGPD can be triggered by a specially crafted UPDATE message with an unknown AS type in an AS path attribute.\n (CVE-2012-0250)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.17 BGPD Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2948", "CVE-2010-2949", "CVE-2012-0250"], "modified": "2019-12-04T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_17.NASL", "href": "https://www.tenable.com/plugins/nessus/59788", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59788);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2010-2948\", \"CVE-2010-2949\");\n script_bugtraq_id(42635, 42642);\n\n script_name(english:\"Quagga < 0.99.17 BGPD Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga's BGPD listening on the remote host is affected by multiple\nvulnerabilities :\n\n - A stack-based buffer overflow vulnerability can be\n triggered by a specially crafted BGP ROUTE-REFRESH\n message with a malformed Outbound Route Filtering record\n sent by a pre-configured peer. (CVE-2010-2948)\n\n - A denial of service vulnerability in BGPD can be\n triggered by a specially crafted UPDATE message with an\n unknown AS type in an AS path attribute.\n (CVE-2012-0250)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7140\");\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20110928221629/http://www.quagga.net/download/quagga-0.99.17.changelog.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.17 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-2948\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.17\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:31", "description": "Gentoo Linux Local Security Checks GLSA 201310-08", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201310-08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2013-2236"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121046", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121046", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201310-08.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121046\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:06 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201310-08\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201310-08\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\", \"CVE-2013-2236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201310-08\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-misc/quagga\", unaffected: make_list(\"ge 0.99.22.4\"), vulnerable: make_list(\"lt 0.99.22.4\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-04T11:20:55", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1441-1", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1441-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841005", "href": "http://plugins.openvas.org/nasl.php?oid=841005", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1441_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for quagga USN-1441-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga incorrectly handled Link State Update\n messages with invalid lengths. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0249,\n CVE-2012-0250)\n\n It was discovered that Quagga incorrectly handled messages with a malformed\n Four-octet AS Number Capability. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1441-1\";\ntag_affected = \"quagga on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1441-1/\");\n script_id(841005);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-17 10:32:32 +0530 (Thu, 17 May 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1441-1\");\n script_name(\"Ubuntu Update for quagga USN-1441-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:30", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2459-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71263", "href": "http://plugins.openvas.org/nasl.php?oid=71263", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2459_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2459-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\nA buffer overflow in the ospf_ls_upd_list_lsa function in the\nOSPFv2 implementation allows remote attackers to cause a\ndenial of service (assertion failure and daemon exit) via a\nLink State Update (aka LS Update) packet that is smaller than\nthe length specified in its header.\n\nCVE-2012-0250\nA buffer overflow in the OSPFv2 implementation allows remote\nattackers to cause a denial of service (daemon crash) via a\nLink State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the\ndata-structure length is smaller than the value in the Length\nheader field.\n\nCVE-2012-0255\nThe BGP implementation does not properly use message buffers\nfor OPEN messages, which allows remote attackers impersonating\na configured BGP peer to cause a denial of service (assertion\nfailure and daemon exit) via a message associated with a\nmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\nWe recommend that you upgrade your quagga packages.\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202459-1\";\n\nif(description)\n{\n script_id(71263);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:58:15 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2459-1 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:41", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5411", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864166", "href": "http://plugins.openvas.org/nasl.php?oid=864166", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n\n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n\n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\");\n script_id(864166);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:52:52 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5411\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5411\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:57:28", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5352", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864412", "href": "http://plugins.openvas.org/nasl.php?oid=864412", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5352\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\");\n script_id(864412);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:08:55 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5352\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5352\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:50", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-04-10T00:00:00", "id": "OPENVAS:71290", "href": "http://plugins.openvas.org/nasl.php?oid=71290", "sourceData": "#\n#VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n quagga\n quagga-re\n\nCVE-2012-0249\nBuffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c\nin the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1\nallows remote attackers to cause a denial of service (assertion\nfailure and daemon exit) via a Link State Update (aka LS Update)\npacket that is smaller than the length specified in its header.\nCVE-2012-0250\nBuffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\nCVE-2012-0255\nThe BGP implementation in bgpd in Quagga before 0.99.20.1 does not\nproperly use message buffers for OPEN messages, which allows remote\nattackers to cause a denial of service (assertion failure and daemon\nexit) via a message associated with a malformed Four-octet AS Number\nCapability (aka AS4 capability).\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kb.cert.org/vuls/id/551715\nhttp://www.vuxml.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71290);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 5912 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-10 11:01:51 +0200 (Mon, 10 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:26 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.8\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5411", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864166", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864166", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864166\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:52:52 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5411\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5411\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071290", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071290", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_quagga3.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71290\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:26 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n quagga\n quagga-re\n\nCVE-2012-0249\nBuffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c\nin the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1\nallows remote attackers to cause a denial of service (assertion\nfailure and daemon exit) via a Link State Update (aka LS Update)\npacket that is smaller than the length specified in its header.\nCVE-2012-0250\nBuffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\nCVE-2012-0255\nThe BGP implementation in bgpd in Quagga before 0.99.20.1 does not\nproperly use message buffers for OPEN messages, which allows remote\nattackers to cause a denial of service (assertion failure and daemon\nexit) via a message associated with a malformed Four-octet AS Number\nCapability (aka AS4 capability).\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/551715\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.8\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:24", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1441-1", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1441-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841005", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841005", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1441_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for quagga USN-1441-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1441-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841005\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-17 10:32:32 +0530 (Thu, 17 May 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1441-1\");\n script_name(\"Ubuntu Update for quagga USN-1441-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1441-1\");\n script_tag(name:\"affected\", value:\"quagga on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga incorrectly handled Link State Update\n messages with invalid lengths. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0249,\n CVE-2012-0250)\n\n It was discovered that Quagga incorrectly handled messages with a malformed\n Four-octet AS Number Capability. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5352", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864412", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864412", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5352\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864412\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:08:55 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5352\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5352\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2459-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071263", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071263", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2459_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2459-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71263\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:58:15 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2459-1 (quagga)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202459-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\nA buffer overflow in the ospf_ls_upd_list_lsa function in the\nOSPFv2 implementation allows remote attackers to cause a\ndenial of service (assertion failure and daemon exit) via a\nLink State Update (aka LS Update) packet that is smaller than\nthe length specified in its header.\n\nCVE-2012-0250\nA buffer overflow in the OSPFv2 implementation allows remote\nattackers to cause a denial of service (daemon crash) via a\nLink State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the\ndata-structure length is smaller than the value in the Length\nheader field.\n\nCVE-2012-0255\nThe BGP implementation does not properly use message buffers\nfor OPEN messages, which allows remote attackers impersonating\na configured BGP peer to cause a denial of service (assertion\nfailure and daemon exit) via a message associated with a\nmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your quagga packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:10", "description": "Oracle Linux Local Security Checks ELSA-2012-1259", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1259", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123824", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123824", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1259.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123824\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:02 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1259\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1259 - quagga security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1259\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1259.html\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:04", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1259-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:870828", "href": "http://plugins.openvas.org/nasl.php?oid=870828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1259-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00015.html\");\n script_id(870828);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:41:23 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1259-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1259-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:31", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1259 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:881497", "href": "http://plugins.openvas.org/nasl.php?oid=881497", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1259 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n \n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n \n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n \n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n \n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n \n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n \n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n \n Two flaws were found in the way the bgpd daemon processed certain BGP OPEN\n messages. A configured BGP peer could cause bgpd on a target system to\n abort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\n CVE-2012-1820)\n \n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\n CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\n CVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\n Taimisto of the Codenomicon CROSS project as the original reporters of\n CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\n CVE-2011-3326. The CERT/CC acknowle ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\");\n script_id(881497);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:48:27 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1259\");\n script_name(\"CentOS Update for quagga CESA-2012:1259 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1259-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1259-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870828\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:41:23 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1259-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1259-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"quagga on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1259 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881497", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881497", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1259 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881497\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:48:27 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1259\");\n script_name(\"CentOS Update for quagga CESA-2012:1259 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"quagga on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n\n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n\n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n\n Two flaws were found in the way the bgpd daemon processed certain BGP OPEN\n messages. A configured BGP peer could cause bgpd on a target system to\n abort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\n CVE-2012-1820)\n\n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. And the\n CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\n CVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\n Taimisto of the Codenomicon CROSS project as the original reporters of\n CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\n CVE-2011-3326. The CERT/CC acknowle ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:06:48", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:864169", "href": "http://plugins.openvas.org/nasl.php?oid=864169", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5436\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n\n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n\n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\");\n script_id(864169);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:01 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5436\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5436\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864169", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864169", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5436\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864169\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:01 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5436\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5436\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:06:40", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:864486", "href": "http://plugins.openvas.org/nasl.php?oid=864486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9103\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is free software that operates TCP/IP-based routing protocols. It takes\n a multi-server and multi-threaded approach to resolving the current complexity\n of the Internet.\n\n Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2,\n OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit; it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\");\n script_id(864486);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:25:17 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9103\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9103\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864486", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9103\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864486\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:25:17 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9103\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9103\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-08T12:56:56", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9116", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864480", "href": "http://plugins.openvas.org/nasl.php?oid=864480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9116\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is free software that operates TCP/IP-based routing protocols. It takes\n a multi-server and multi-threaded approach to resolving the current complexity\n of the Internet.\n\n Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2,\n OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit; it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\");\n script_id(864480);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:24:54 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9116\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9116\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:03:40", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-90)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120299", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120299\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:23:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-90)\");\n script_tag(name:\"insight\", value:\"The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.\");\n script_tag(name:\"solution\", value:\"Run yum update quagga to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-90.html\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2497-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071476", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071476", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2497_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2497-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71476\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:06:44 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2497-1 (quagga)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202497-1\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your quagga packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:50:36", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2497-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71476", "href": "http://plugins.openvas.org/nasl.php?oid=71476", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2497_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2497-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\nWe recommend that you upgrade your quagga packages.\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202497-1\";\n\nif(description)\n{\n script_id(71476);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:06:44 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2497-1 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:41", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-04-14T00:00:00", "id": "OPENVAS:71542", "href": "http://plugins.openvas.org/nasl.php?oid=71542", "sourceData": "#\n#VID 1e14d46f-af1f-11e1-b242-00215af774f0\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 1e14d46f-af1f-11e1-b242-00215af774f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n quagga\n quagga-re\n\nCVE-2012-1820\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kb.cert.org/vuls/id/962587\nhttp://www.vuxml.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71542);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 5956 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-14 11:02:12 +0200 (Fri, 14 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:17 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<=0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.10\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:21:08", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1605-1", "cvss3": {}, "published": "2012-10-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1605-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841186", "href": "http://plugins.openvas.org/nasl.php?oid=841186", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1605_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for quagga USN-1605-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga incorrectly handled certain malformed\n messages. A remote attacker could use this flaw to cause Quagga to crash,\n resulting in a denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1605-1\";\ntag_affected = \"quagga on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1605-1/\");\n script_id(841186);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-12 09:20:37 +0530 (Fri, 12 Oct 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1605-1\");\n script_name(\"Ubuntu Update for quagga USN-1605-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1605-1", "cvss3": {}, "published": "2012-10-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1605-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841186", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841186", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1605_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for quagga USN-1605-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1605-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841186\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-12 09:20:37 +0530 (Fri, 12 Oct 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1605-1\");\n script_name(\"Ubuntu Update for quagga USN-1605-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1605-1\");\n script_tag(name:\"affected\", value:\"quagga on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga incorrectly handled certain malformed\n messages. A remote attacker could use this flaw to cause Quagga to crash,\n resulting in a denial of service.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9116", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864480", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9116\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864480\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:24:54 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9116\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9116\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:01", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071542", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071542", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_quagga4.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 1e14d46f-af1f-11e1-b242-00215af774f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71542\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:17 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n quagga\n quagga-re\n\nCVE-2012-1820\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/962587\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<=0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.10\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T23:03:45", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-70)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120150", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120150", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120150\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:40 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-70)\");\n script_tag(name:\"insight\", value:\"Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.\");\n script_tag(name:\"solution\", value:\"Run yum update quagga to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-70.html\");\n script_cve_id(\"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-02T10:56:29", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1258-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:870833", "href": "http://plugins.openvas.org/nasl.php?oid=870833", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1258-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00014.html\");\n script_id(870833);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:42:09 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1258-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1258-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:53", "description": "Oracle Linux Local Security Checks ELSA-2012-1258", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1258", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123825", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123825", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1258.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123825\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:03 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1258\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1258 - quagga security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1258\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1258.html\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:58:08", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1258 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:881499", "href": "http://plugins.openvas.org/nasl.php?oid=881499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1258 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n \n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n \n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n \n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n \n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n \n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n \n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n \n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n \n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\n CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\n Riku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\n project as the original reporters of CVE-2011-3327, CVE-2011-3323,\n CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\n Martin Winte ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\");\n script_id(881499);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:49:58 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1258\");\n script_name(\"CentOS Update for quagga CESA-2012:1258 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1258 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1258 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881499\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:49:58 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1258\");\n script_name(\"CentOS Update for quagga CESA-2012:1258 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"quagga on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n\n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n\n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n\n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. And the\n CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\n Riku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\n project as the original reporters of CVE-2011-3327, CVE-2011-3323,\n CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\n Martin Winte ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1258-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870833", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870833", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1258-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00014.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870833\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:42:09 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1258-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1258-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"quagga on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:07:14", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9117", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864485", "href": "http://plugins.openvas.org/nasl.php?oid=864485", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9117\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\");\n script_id(864485);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:25:03 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\", \"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\",\n \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9117\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9117\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9117", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864485", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864485", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9117\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864485\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:25:03 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\", \"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\",\n \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9117\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9117\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:10:10", "description": "### Background\n\nQuagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to cause arbitrary code execution or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Quagga users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/quagga-0.99.22.4\"", "cvss3": {}, "published": "2013-10-10T00:00:00", "type": "gentoo", "title": "Quagga: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236"], "modified": "2013-10-10T00:00:00", "id": "GLSA-201310-08", "href": "https://security.gentoo.org/glsa/201310-08", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:49", "description": "\n\nCERT reports:\n\nThe ospfd implementation of OSPF in Quagga allows a remote\n\t attacker (on a local network segment with OSPF enabled) to cause\n\t a denial of service (daemon aborts due to an assert) with a\n\t malformed OSPF LS-Update message.\nThe ospfd implementation of OSPF in Quagga allows a remote\n\t attacker (on a local network segment with OSPF enabled) to cause\n\t a denial of service (daemon crash) with a malformed OSPF Network-\n\t LSA message.\nThe bgpd implementation of BGP in Quagga allows remote attackers\n\t to cause a denial of service (daemon aborts due to an assert) via\n\t BGP Open message with an invalid AS4 capability.\n\n\n", "cvss3": {}, "published": "2012-03-23T00:00:00", "type": "freebsd", "title": "quagga -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-03-26T00:00:00", "id": "42A2C82A-75B9-11E1-89B4-001EC9578670", "href": "https://vuxml.freebsd.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-19T16:03:49", "description": "\n\nCERT reports:\n\nIf a pre-configured BGP peer sends a specially-crafted OPEN\n\t message with a malformed ORF capability TLV, Quagga bgpd process\n\t will erroneously try to consume extra bytes from the input packet\n\t buffer. The process will detect a buffer overrun attempt before\n\t it happens and immediately terminate with an error message. All\n\t BGP sessions established by the attacked router will be closed\n\t and its BGP routing disrupted.\n\n\n", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "freebsd", "title": "quagga -- BGP OPEN denial of service vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-04T00:00:00", "id": "1E14D46F-AF1F-11E1-B242-00215AF774F0", "href": "https://vuxml.freebsd.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2021-09-28T17:50:52", "description": "### Overview\n\nQuagga, a routing software suite, contains multiple vulnerabilities that result in a denial-of-service condition.\n\n### Description\n\nQuagga 0.99.20 and previous versions are susceptible to various denial-of-service conditions. The Quagga advisories state the following:\n\n**_CVE-2012-0249_****_: _****_E_****_rror in OSPF parsing LS-Update messages Can Cause a Crash of Quagga ospfd_** \n_The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon aborts due to an assert) with a malformed OSPF LS-Update message._ \n \n_Program Impacted: Quagga (ospfd)_ \n \n_Description:_ \n_OSPFv2 implementation in Quagga version 0.99.20 and before does not perform a proper length check for a received LS-Update OSPF packet. A received packet, which has actually less bytes, than it is declared in its header, causes a buffer overflow, which immediately leads to a crash of OSPF protocol process and subsequent disruption of IPv4 routing._ \n \n_Like many other OSPF cases, exploiting this vulnerability requires an ability to form an OSPF adjacency with the attacked OSPF router and initiate a database exchange process with it. Usual OSPF security precautions (including MD5 authentication) may lower the risk of such event. Upgrading to a patched version of Quagga is recommended regardless of any other measures taken._ \n \n**_CVE-2012-0250: Error in OSPF parsing Network-LSA messages Can Cause a Crash of Quagga ospfd_** \n_The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon crash) with a malformed OSPF Network-LSA message._ \n \n_Program Impacted: Quagga (ospfd)_ \n \n_Description:_ \n_OSPFv2 implementation in Quagga version 0.99.20 and before does not perform a proper length check of the Network-LSA structures contained in an LS-Update OSPF packet. When an otherwise correct LS-Update OSPF packet contains a Network-LSA structure, which has its \"Length\" header field set to value bigger than the actual number of bytes in the buffer, a buffer overflow happens. This immediately leads to a crash of OSPF protocol process and subsequent disruption of IPv4 routing._ \n \n_Like many other OSPF cases, exploiting this vulnerability requires an ability to form an OSPF adjacency with the attacked OSPF router and initiate a database exchange process with it. Usual OSPF security precautions (including MD5 authentication) may lower the risk of such event. Upgrading to a patched version of Quagga is recommended regardless of any other measures taken._ \n \n**_CVE-2012-0255: Error in BGP OPEN Message parsing Can Cause a Crash of Quagga bgpd_** \n_The bgpd implementation of BGP in Quagga up to (and including) 0.99.20 allows remote attackers to cause a denial of service (daemon aborts due to an assert) via BGP Open message with an invalid AS4 capability._ \n \n_Program Impacted: Quagga (bgpd)_ \n \n_Description:_ \n_BGP implementation in Quagga version 0.99.20 and before contains an error in processing malformed AS4 capability in the BGP OPEN message which leads to a abort (daemon aborts due to an assert) of the BGP protocol process and subsequent disruption of IP routing. When an OPEN with a malformed AS4 capability message is detected, the code fails to flush the message buffers for the peer. When the peer next connects and sends a message, the code will attempt to parse the stale, half-consumed data in the message buffer as it were a fresh BGP message. This leads to an assert and exit of the BGP daemon in the BGP OPEN message parsing code._ \n \n_The vulnerability is not restricted to BGP neighbors with 4-byte AS but can only be done from any configured peers (or sources spoofing the IP of a configured peer). The potential exists for this condition to be intentionally triggered, resulting in effective denial of service by crashing the BGPd. Usual BGP security precautions (including BGP MD5 authentication) may lower the risk of such event._ \n \n--- \n \n### Impact\n\nA remote attacker may be able to cause a denial-of-service condition. \n \n--- \n \n### Solution\n\n**Apply an Update** \n \nUpgrade to [Quagga 0.99.20.1](<http://download.savannah.gnu.org/releases/quagga/>) either through the GIT master version or by applying a patch. \n \n--- \n \nFor CVE-2012-0255, the following workaround exists: Shutdown sessions to any peers you can not trust, or where you can not ensure the security of the control-plane. \n \n--- \n \n### Vendor Information\n\n551715\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Quagga Affected\n\nNotified: March 07, 2012 Updated: March 21, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Not Affected\n\nNotified: March 13, 2012 Updated: March 15, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Infoblox Not Affected\n\nNotified: March 13, 2012 Updated: March 28, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Debian GNU/Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### FreeBSD Project Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Google Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva S. A. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Red Hat, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SafeNet Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 27 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 6.1 | AV:A/AC:L/Au:N/C:N/I:N/A:C \nTemporal | 4.8 | E:POC/RL:OF/RC:C \nEnvironmental | 4.8 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * <http://www.nongnu.org/quagga/>\n * <https://bugzilla.quagga.net/show_bug.cgi?id=705>\n\n### Acknowledgements\n\nThanks to Martin Winter at OpenSourceRouting.org for reporting these vulnerabilities, MU Dynamics for their sponsorship of the protocol fuzzer which uncovered these issues, and Denis Ovsienko & Paul Jakma for fixing the issues.\n\nThis document was written by Jared Allar.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2012-0249](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0249>), [CVE-2012-0250](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0250>), [CVE-2012-0255](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0255>) \n---|--- \n**Severity Metric:** | 1.50 \n**Date Public:** | 2012-03-23 \n**Date First Published:** | 2012-03-23 \n**Date Last Updated: ** | 2012-03-28 12:09 UTC \n**Document Revision: ** | 43 \n", "cvss3": {}, "published": "2012-03-23T00:00:00", "type": "cert", "title": "Quagga contains multiple vulnerabilities", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-03-28T12:09:00", "id": "VU:551715", "href": "https://www.kb.cert.org/vuls/id/551715", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-28T17:50:49", "description": "### Overview\n\nQuagga, a routing software suite, contains a BGP OPEN vulnerability that result in a denial-of-service condition.\n\n### Description\n\nCVE-2012-1820: Quagga version 0.99.20.1 and before contains a bug in BGP OPEN message handling. \n\n\n_Program Impacted: bgpd: fix DoS in bgp_capability_orf() \n \nDescription:_ \n_If a pre-configured BGP peer sends a specially-crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer. The process will detect a buffer overrun attempt before it happens and immediately terminate with an error message. All BGP sessions established by the attacked router will be closed and its BGP routing disrupted._ \n \n_An ORF (code 3) capability TLV is defined to contain exactly one AFI/SAFI block. Function bgp_capability_orf(), which parses ORF capability TLV, uses do-while cycle to call its helper function bgp_capability_orf_entry(), which actually processes the AFI/SAFI data block. The call is made at least once and repeated as long as the input buffer has enough data for the next call. \n \nThe helper function, bgp_capability_orf_entry(), uses \"Number of ORFs\" field of the provided AFI/SAFI block to verify, if it fits the input buffer. However, the check is made based on the total length of the ORF TLV regardless of the data already consumed by the previous helper function call(s). This way, the check condition is only valid for the first AFI/SAFI block inside an ORF capability TLV._ \n_ \nFor the subsequent calls of the helper function, if any are made, the check condition may erroneously tell, that the current \"Number of ORFs\" field fits the buffer boundary, where in fact it does not. This makes it possible to trigger an assertion by feeding an OPEN message with a specially-crafted malformed ORF capability TLV._ \n \n \n--- \n \n### Impact\n\nA denial-of-service condition can be caused by an attacker controlling one of the pre-configured BGP peers. In most cases this means, that the attack must be originated from an adjacent network. \n \n--- \n \n### Solution\n\nWe are currently unaware of a practical solution to this problem. \n \n--- \n \n### Vendor Information\n\n962587\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Debian GNU/Linux Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Infoblox Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Not Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Google Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva S. A. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Red Hat, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SafeNet Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vyatta Unknown\n\nNotified: May 11, 2012 Updated: May 11, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 24 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 5.5 | AV:A/AC:L/Au:S/C:N/I:N/A:C \nTemporal | 4.5 | E:F/RL:OF/RC:C \nEnvironmental | 5 | CDP:L/TD:H/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n<http://www.nongnu.org/quagga/>\n\n### Acknowledgements\n\nThanks to Denis Ovsienko for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2012-1820](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-1820>) \n---|--- \n**Date Public:** | 2012-06-03 \n**Date First Published:** | 2012-06-04 \n**Date Last Updated: ** | 2012-06-11 14:04 UTC \n**Document Revision: ** | 13 \n", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "cert", "title": "Quagga BGP OPEN denial of service vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-11T14:04:00", "id": "VU:962587", "href": "https://www.kb.cert.org/vuls/id/962587", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2021-10-21T23:57:32", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2459-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nApril 26, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-0249 CVE-2012-0250 CVE-2012-0255\n\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\n\tA buffer overflow in the ospf_ls_upd_list_lsa function in the\n\tOSPFv2 implementation allows remote attackers to cause a\n\tdenial of service (assertion failure and daemon exit) via a\n\tLink State Update (aka LS Update) packet that is smaller than\n\tthe length specified in its header.\n\nCVE-2012-0250\n\tA buffer overflow in the OSPFv2 implementation allows remote\n\tattackers to cause a denial of service (daemon crash) via a\n\tLink State Update (aka LS Update) packet containing a\n\tnetwork-LSA link-state advertisement for which the\n\tdata-structure length is smaller than the value in the Length\n\theader field.\n\nCVE-2012-0255\n\tThe BGP implementation does not properly use message buffers\n\tfor OPEN messages, which allows remote attackers impersonating\n\ta configured BGP peer to cause a denial of service (assertion\n\tfailure and daemon exit) via a message associated with a\n\tmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\nWe recommend that you upgrade your quagga packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-04-26T05:56:28", "type": "debian", "title": "[SECURITY] [DSA 2459-1] quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-26T05:56:28", "id": "DEBIAN:DSA-2459-1:6BDF4", "href": "https://lists.debian.org/debian-security-announce/2012/msg00092.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T23:51:04", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2497-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJune 20, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-1820\nDebian Bug : 676510\n\nIt was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\nWe recommend that you upgrade your quagga packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-06-20T20:30:09", "type": "debian", "title": "[SECURITY] [DSA 2497-1] quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-20T20:30:09", "id": "DEBIAN:DSA-2497-1:C0241", "href": "https://lists.debian.org/debian-security-announce/2012/msg00137.html", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-20T03:07:24", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: quagga-0.99.20.1-1.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-20T03:07:24", "id": "FEDORA:520CC20C2F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XCM4W7KJMKLEEFZXGPD3I4TQOUDRPRW2/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-22T03:43:44", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: quagga-0.99.20.1-1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-22T03:43:44", "id": "FEDORA:2C9CC214AD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WYTH7OITP6TDAWBVWEF526S5HJIY5PXM/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-22T03:48:42", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: quagga-0.99.20.1-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-22T03:48:42", "id": "FEDORA:339B620DE9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HXFGW4KRPATLU26PXXSVAGM63RLYZ57I/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is free software that operates TCP/IP-based routing protocols. It ta kes a multi-server and multi-threaded approach to resolving the current complex ity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T14:55:47", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: quagga-0.99.21-2.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-19T14:55:47", "id": "FEDORA:DF7CB20842", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QPKVHLYKPWKPX5KUUQHVRL5F35WSSKCU/", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is free software that operates TCP/IP-based routing protocols. It ta kes a multi-server and multi-threaded approach to resolving the current complex ity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T15:07:44", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: quagga-0.99.21-2.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-19T15:07:44", "id": "FEDORA:B7DAD209CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/66J7PDKMF4UY477NIZWZW5Y6NOLKGZN6/", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T15:02:10", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: quagga-0.99.20.1-2.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2012-1820"], "modified": "2012-06-19T15:02:10", "id": "FEDORA:CF10E20C82", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4MC4MKME2QCNBNC7MICTNKJJYDTJHOOI/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T13:05:48", "description": "It was discovered that Quagga incorrectly handled Link State Update \nmessages with invalid lengths. A remote attacker could use this flaw to \ncause Quagga to crash, resulting in a denial of service. (CVE-2012-0249, \nCVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a malformed \nFour-octet AS Number Capability. A remote attacker could use this flaw to \ncause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\n", "cvss3": {}, "published": "2012-05-15T00:00:00", "type": "ubuntu", "title": "Quagga vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250", "CVE-2012-0249", "CVE-2012-0255"], "modified": "2012-05-15T00:00:00", "id": "USN-1441-1", "href": "https://ubuntu.com/security/notices/USN-1441-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-04T13:02:23", "description": "It was discovered that Quagga incorrectly handled certain malformed \nmessages. A remote attacker could use this flaw to cause Quagga to crash, \nresulting in a denial of service.\n", "cvss3": {}, "published": "2012-10-11T00:00:00", "type": "ubuntu", "title": "Quagga vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-10-11T00:00:00", "id": "USN-1605-1", "href": "https://ubuntu.com/security/notices/USN-1605-1", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-08-10T07:09:26", "description": "\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n\n* [CVE-2012-0249](https://security-tracker.debian.org/tracker/CVE-2012-0249)\nA buffer overflow in the ospf\\_ls\\_upd\\_list\\_lsa function in the\n OSPFv2 implementation allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) via a\n Link State Update (aka LS Update) packet that is smaller than\n the length specified in its header.\n* [CVE-2012-0250](https://security-tracker.debian.org/tracker/CVE-2012-0250)\nA buffer overflow in the OSPFv2 implementation allows remote\n attackers to cause a denial of service (daemon crash) via a\n Link State Update (aka LS Update) packet containing a\n network-LSA link-state advertisement for which the\n data-structure length is smaller than the value in the Length\n header field.\n* [CVE-2012-0255](https://security-tracker.debian.org/tracker/CVE-2012-0255)\nThe BGP implementation does not properly use message buffers\n for OPEN messages, which allows remote attackers impersonating\n a configured BGP peer to cause a denial of service (assertion\n failure and daemon exit) via a message associated with a\n malformed AS4 capability.\n\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "osv", "title": "quagga - regression", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2022-08-10T07:08:53", "id": "OSV:DSA-2459-2", "href": "https://osv.dev/vulnerability/DSA-2459-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:09:27", "description": "\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n\n* [CVE-2012-0249](https://security-tracker.debian.org/tracker/CVE-2012-0249)\nA buffer overflow in the ospf\\_ls\\_upd\\_list\\_lsa function in the\n OSPFv2 implementation allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) via a\n Link State Update (aka LS Update) packet that is smaller than\n the length specified in its header.\n* [CVE-2012-0250](https://security-tracker.debian.org/tracker/CVE-2012-0250)\nA buffer overflow in the OSPFv2 implementation allows remote\n attackers to cause a denial of service (daemon crash) via a\n Link State Update (aka LS Update) packet containing a\n network-LSA link-state advertisement for which the\n data-structure length is smaller than the value in the Length\n header field.\n* [CVE-2012-0255](https://security-tracker.debian.org/tracker/CVE-2012-0255)\nThe BGP implementation does not properly use message buffers\n for OPEN messages, which allows remote attackers impersonating\n a configured BGP peer to cause a denial of service (assertion\n failure and daemon exit) via a message associated with a\n malformed AS4 capability.\n\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "osv", "title": "quagga - several", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2022-08-10T07:08:53", "id": "OSV:DSA-2459-1", "href": "https://osv.dev/vulnerability/DSA-2459-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-21T08:30:44", "description": "\nIt was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-06-20T00:00:00", "type": "osv", "title": "quagga - denial of service", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2022-07-21T05:47:44", "id": "OSV:DSA-2497-1", "href": "https://osv.dev/vulnerability/DSA-2497-1", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-19T18:38:49", "description": "Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN\nmessages. A configured BGP peer could cause bgpd on a target system to\nabort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\nCVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\nCVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\nTaimisto of the Codenomicon CROSS project as the original reporters of\nCVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\nCVE-2011-3326. The CERT/CC acknowledges Martin Winter at\nOpenSourceRouting.org as the original reporter of CVE-2012-0249,\nCVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original\nreporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "redhat", "title": "(RHSA-2012:1259) Moderate: quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2018-06-06T16:24:34", "id": "RHSA-2012:1259", "href": "https://access.redhat.com/errata/RHSA-2012:1259", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:42:43", "description": "Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A configured\nBGP peer could crash bgpd on a target system via a specially-crafted BGP\nmessage. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\nproject as the original reporters of CVE-2011-3327, CVE-2011-3323,\nCVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\nMartin Winter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "redhat", "title": "(RHSA-2012:1258) Moderate: quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2017-09-08T07:54:37", "id": "RHSA-2012:1258", "href": "https://access.redhat.com/errata/RHSA-2012:1258", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2022-02-27T11:55:22", "description": "**CentOS Errata and Security Advisory** CESA-2012:1259\n\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN\nmessages. A configured BGP peer could cause bgpd on a target system to\nabort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\nCVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\nCVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\nTaimisto of the Codenomicon CROSS project as the original reporters of\nCVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\nCVE-2011-3326. The CERT/CC acknowledges Martin Winter at\nOpenSourceRouting.org as the original reporter of CVE-2012-0249,\nCVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original\nreporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-September/055787.html\n\n**Affected packages:**\nquagga\nquagga-contrib\nquagga-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1259", "cvss3": {}, "published": "2012-09-12T23:23:05", "type": "centos", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2012-09-12T23:23:05", "id": "CESA-2012:1259", "href": "https://lists.centos.org/pipermail/centos-announce/2012-September/055787.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T11:55:22", "description": "**CentOS Errata and Security Advisory** CESA-2012:1258\n\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A configured\nBGP peer could crash bgpd on a target system via a specially-crafted BGP\nmessage. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\nproject as the original reporters of CVE-2011-3327, CVE-2011-3323,\nCVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\nMartin Winter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-September/055785.html\n\n**Affected packages:**\nquagga\nquagga-contrib\nquagga-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1258", "cvss3": {}, "published": "2012-09-12T21:45:33", "type": "centos", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2012-09-12T21:45:33", "id": "CESA-2012:1258", "href": "https://lists.centos.org/pipermail/centos-announce/2012-September/055785.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:44", "description": "Multiple memory corruptions on OSPF and BGP packets parsing.", "edition": 1, "cvss3": {}, "published": "2011-10-10T00:00:00", "title": "quagga route daemon multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2011-10-10T00:00:00", "id": "SECURITYVULNS:VULN:11957", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11957", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:26", "description": "[0.99.15-7.2]\n- improve fix for CVE-2011-3325\n[0.99.15-7.1]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0255\n- fix CVE-2012-0249 and CVE-2012-0250\n- fix CVE-2012-1820\n[0.99.15-7]\n- Resolves: #684751 - CVE-2010-1674 CVE-2010-1675 quagga various flaws\n[0.99.15-6]\n- Resolves: #644832 - CVE-2010-2948 CVE-2010-2949 quagga various flaws", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "oraclelinux", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2010-2949", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2010-2948", "CVE-2010-1675", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2012-09-12T00:00:00", "id": "ELSA-2012-1259", "href": "http://linux.oracle.com/errata/ELSA-2012-1259.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-30T06:24:35", "description": "[0.99.15-14]\n- Resolves: #1416013 - CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory\n[0.99.15-13]\n- fix path of ripd pid file (#842308)\n[0.99.15-12]\n- fix start() function in watchqugga initscript (#862826, #1208617)\n[0.99.15-11]\n- fix for CVE-2013-2236 (#1391918)\n- fix for CVE-2016-1245 (#1391914)\n- fix for CVE-2016-2342 (#1391916)\n- fix for CVE-2016-4049 (#1391919)\n[0.99.15-11]\n- ospf6d: Fix crash when '[no] ipv6 ospf6 advertise prefix-list' is in startup-config (#770731)\n[0.99.15-10]\n- add watchquagga initscript (#862826, #1208617)\n- remove pidfile when service is stopped (#842308)\n- use QCONFDIR correctly in initscripts (#839620)\n- include watchquagga and ospfclient manpages (#674862)\n[0.99.15-9]\n- improve fix for CVE-2011-3325\n[0.99.15-8]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0255\n- fix CVE-2012-0249 and CVE-2012-0250\n- fix CVE-2012-1820", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-27T00:00:00", "type": "oraclelinux", "title": "quagga security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2017-03-27T00:00:00", "id": "ELSA-2017-0794", "href": "http://linux.oracle.com/errata/ELSA-2017-0794.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:18", "description": "[0.98.6-7.1]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0249\n- fix CVE-2010-1674\n[0.98.6-7]\n- Resolves: #638628 - CVE-2007-4826 CVE-2010-2948 quagga: various flaws\n[0.98.6-6]\n- Resolves: #528583 - Missing declarations cause zebra to segfault", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "oraclelinux", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2007-4826", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2010-2948", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2012-09-12T00:00:00", "id": "ELSA-2012-1258", "href": "http://linux.oracle.com/errata/ELSA-2012-1258.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:29:56", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier\nallows remote attackers to cause a denial of service (assertion failure and\ndaemon exit) by leveraging a BGP peering relationship and sending a\nmalformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1820>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676510>\n * <https://bugs.launchpad.net/ubuntu/+source/quagga/+bug/1018052>\n", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "ubuntucve", "title": "CVE-2012-1820", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-13T00:00:00", "id": "UB:CVE-2012-1820", "href": "https://ubuntu.com/security/CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:30:31", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure length is\nsmaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0250", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0250", "href": "https://ubuntu.com/security/CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:30:31", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in\nthe OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote\nattackers to cause a denial of service (assertion failure and daemon exit)\nvia a Link State Update (aka LS Update) packet that is smaller than the\nlength specified in its header.\n\n#### Bugs\n\n * <https://bugzilla.quagga.net/show_bug.cgi?id=705>\n", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0249", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0249", "href": "https://ubuntu.com/security/CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:30:30", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly\nuse message buffers for OPEN messages, which allows remote attackers to\ncause a denial of service (assertion failure and daemon exit) via a message\nassociated with a malformed Four-octet AS Number Capability (aka AS4\ncapability).", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0255", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0255", "href": "https://ubuntu.com/security/CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-04T06:01:57", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {}, "published": "2012-06-13T15:55:00", "type": "debiancve", "title": "CVE-2012-1820", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-13T15:55:00", "id": "DEBIANCVE:CVE-2012-1820", "href": "https://security-tracker.debian.org/tracker/CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0250", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0250", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0249", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0249", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0255", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0255", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:07:24", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {}, "published": "2012-06-13T15:55:00", "type": "cve", "title": "CVE-2012-1820", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2013-03-02T04:40:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.20.1", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-1820", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:35:33", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0250", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0250", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:36:06", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0249", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0249", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:35:40", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0255", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0255", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}], "amazon": [{"lastseen": "2021-07-25T19:33:31", "description": "**Issue Overview:**\n\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.\n\n \n**Affected Packages:** \n\n\nquagga\n\n \n**Issue Correction:** \nRun _yum update quagga_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 quagga-devel-0.99.20.1-1.5.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-debuginfo-0.99.20.1-1.5.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.5.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-contrib-0.99.20.1-1.5.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.5.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.5.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-debuginfo-0.99.20.1-1.5.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-devel-0.99.20.1-1.5.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-contrib-0.99.20.1-1.5.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2012-06-19T16:01:00", "type": "amazon", "title": "Low: quagga", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2014-09-14T16:37:00", "id": "ALAS-2012-090", "href": "https://alas.aws.amazon.com/ALAS-2012-90.html", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-25T19:33:42", "description": "**Issue Overview:**\n\nBuffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. \n\n \n**Affected Packages:** \n\n\nquagga\n\n \n**Issue Correction:** \nRun _yum update quagga_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 quagga-contrib-0.99.20.1-1.4.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.4.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-devel-0.99.20.1-1.4.amzn1.i686 \n \u00a0\u00a0\u00a0 quagga-debuginfo-0.99.20.1-1.4.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.4.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 quagga-contrib-0.99.20.1-1.4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-devel-0.99.20.1-1.4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-0.99.20.1-1.4.amzn1.x86_64 \n \u00a0\u00a0\u00a0 quagga-debuginfo-0.99.20.1-1.4.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2012-04-30T14:55:00", "type": "amazon", "title": "Medium: quagga", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2014-09-14T15:49:00", "id": "ALAS-2012-070", "href": "https://alas.aws.amazon.com/ALAS-2012-70.html", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}]}

SuSE 11.1 Security Update : quagga (SAT Patch Number 6241)

Description

Related