quagga - denial of service

2012-06-2000:00:00

Google

osv.dev

JSON

It was discovered that Quagga, a routing daemon, contains a
vulnerability in processing the ORF capability in BGP OPEN messages.
A malformed OPEN message from a previously configured BGP peer could
cause bgpd to crash, causing a denial of service.

For the stable distribution (squeeze), this problem has been fixed in
version 0.99.20.1-0+squeeze3.

For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 0.99.21-3.

We recommend that you upgrade your quagga packages.

CPENameOperatorVersion
quaggaeq0.99.17-2
quaggaeq0.99.17-2+squeeze2
quaggaeq0.99.17-2+squeeze3
quaggaeq0.99.17-3
quaggaeq0.99.17-4
quaggaeq0.99.18-1
quaggaeq0.99.18-2
quaggaeq0.99.19-1
quaggaeq0.99.20-1
quaggaeq0.99.20-1~bpo60+1

Name	Operator	Version
quagga	eq	0.99.17-2
quagga	eq	0.99.17-2+squeeze2
quagga	eq	0.99.17-2+squeeze3
quagga	eq	0.99.17-3
quagga	eq	0.99.17-4
quagga	eq	0.99.18-1
quagga	eq	0.99.18-2
quagga	eq	0.99.19-1
quagga	eq	0.99.20-1
quagga	eq	0.99.20-1~bpo60+1

Rows per page:

1-10 of 151

References

www.debian.org/security/2012/dsa-2497

JSON