CentOS Update for quagga CESA-2010:0785 centos4 i386

2010-11-0400:00:00

plugins.openvas.org

0.056 Low

EPSS

Percentile

92.5%

JSON

Check for the Version of quagga

###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for quagga CESA-2010:0785 centos4 i386
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon
  implements the BGP (Border Gateway Protocol) routing protocol.

  A stack-based buffer overflow flaw was found in the way the Quagga bgpd
  daemon processed certain BGP Route Refresh (RR) messages. A configured BGP
  peer could send a specially-crafted BGP message, causing bgpd on a target
  system to crash or, possibly, execute arbitrary code with the privileges of
  the user running bgpd. (CVE-2010-2948)

  Note: On Red Hat Enterprise Linux 5 it is not possible to exploit
  CVE-2010-2948 to run arbitrary code as the overflow is blocked by
  FORTIFY_SOURCE.

  Multiple NULL pointer dereference flaws were found in the way the Quagga
  bgpd daemon processed certain specially-crafted BGP messages. A configured
  BGP peer could crash bgpd on a target system via specially-crafted BGP
  messages. (CVE-2007-4826)

  Users of quagga should upgrade to these updated packages, which contain
  backported patches to correct these issues. After installing the updated
  packages, the bgpd daemon must be restarted for the update to take effect.";
tag_solution = "Please Install the Updated Packages.";

tag_affected = "quagga on CentOS 4";


if(description)
{
  script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2010-October/017115.html");
  script_oid("1.3.6.1.4.1.25623.1.0.880445");
  script_version("$Revision: 8495 $");
  script_tag(name:"last_modification", value:"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $");
  script_tag(name:"creation_date", value:"2010-11-04 12:09:38 +0100 (Thu, 04 Nov 2010)");
  script_tag(name:"cvss_base", value:"6.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:P/A:P");
  script_xref(name: "CESA", value: "2010:0785");
  script_cve_id("CVE-2007-4826", "CVE-2010-2948");
  script_name("CentOS Update for quagga CESA-2010:0785 centos4 i386");

  script_tag(name: "summary" , value: "Check for the Version of quagga");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "CentOS4")
{

  if ((res = isrpmvuln(pkg:"quagga", rpm:"quagga~0.98.3~4.el4_8.1", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"quagga-contrib", rpm:"quagga-contrib~0.98.3~4.el4_8.1", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"quagga-devel", rpm:"quagga-devel~0.98.3~4.el4_8.1", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}