Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon
implements the BGP (Border Gateway Protocol) routing protocol. The Quagga
ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)
routing protocol.
A heap-based buffer overflow flaw was found in the way the bgpd daemon
processed malformed Extended Communities path attributes. An attacker could
send a specially-crafted BGP message, causing bgpd on a target system to
crash or, possibly, execute arbitrary code with the privileges of the user
running bgpd. The UPDATE message would have to arrive from an explicitly
configured BGP peer, but could have originated elsewhere in the BGP
network. (CVE-2011-3327)
A stack-based buffer overflow flaw was found in the way the ospf6d daemon
processed malformed Link State Update packets. An OSPF router could use
this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)
A flaw was found in the way the ospf6d daemon processed malformed link
state advertisements. An OSPF neighbor could use this flaw to crash
ospf6d on a target system. (CVE-2011-3324)
A flaw was found in the way the ospfd daemon processed malformed Hello
packets. An OSPF neighbor could use this flaw to crash ospfd on a
target system. (CVE-2011-3325)
A flaw was found in the way the ospfd daemon processed malformed link state
advertisements. An OSPF router in the autonomous system could use this flaw
to crash ospfd on a target system. (CVE-2011-3326)
An assertion failure was found in the way the ospfd daemon processed
certain Link State Update packets. An OSPF router could use this flaw to
cause ospfd on an adjacent router to abort. (CVE-2012-0249)
A buffer overflow flaw was found in the way the ospfd daemon processed
certain Link State Update packets. An OSPF router could use this flaw to
crash ospfd on an adjacent router. (CVE-2012-0250)
Two flaws were found in the way the bgpd daemon processed certain BGP OPEN
messages. A configured BGP peer could cause bgpd on a target system to
abort via a specially-crafted BGP OPEN message. (CVE-2012-0255,
CVE-2012-1820)
Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,
CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the
CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and
CVE-2012-1820. CERT-FI acknowledges Riku Hietamäki, Tuomo Untinen and Jukka
Taimisto of the Codenomicon CROSS project as the original reporters of
CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and
CVE-2011-3326. The CERT/CC acknowledges Martin Winter at
OpenSourceRouting.org as the original reporter of CVE-2012-0249,
CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original
reporter of CVE-2012-1820.
Users of quagga should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing the updated
packages, the bgpd, ospfd, and ospf6d daemons will be restarted
automatically.
{"id": "RHSA-2012:1259", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2012:1259) Moderate: quagga security update", "description": "Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN\nmessages. A configured BGP peer could cause bgpd on a target system to\nabort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\nCVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\nCVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\nTaimisto of the Codenomicon CROSS project as the original reporters of\nCVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\nCVE-2011-3326. The CERT/CC acknowledges Martin Winter at\nOpenSourceRouting.org as the original reporter of CVE-2012-0249,\nCVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original\nreporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n", "published": "2012-09-12T00:00:00", "modified": "2018-06-06T16:24:34", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://access.redhat.com/errata/RHSA-2012:1259", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "immutableFields": [], "lastseen": "2021-10-19T18:38:49", "viewCount": 4, "enchantments": {"score": {"value": 0.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2012-070", "ALAS-2012-090"]}, {"type": "centos", "idList": ["CESA-2012:1258", "CESA-2012:1259"]}, {"type": "cert", "idList": ["VU:551715", "VU:668534", "VU:962587"]}, {"type": "cve", "idList": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2316-1:AD6E3", "DEBIAN:DSA-2459-1:6BDF4", "DEBIAN:DSA-2497-1:C0241"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-3323", "DEBIANCVE:CVE-2011-3324", "DEBIANCVE:CVE-2011-3325", "DEBIANCVE:CVE-2011-3326", "DEBIANCVE:CVE-2011-3327", "DEBIANCVE:CVE-2012-0249", "DEBIANCVE:CVE-2012-0250", "DEBIANCVE:CVE-2012-0255", "DEBIANCVE:CVE-2012-1820"]}, {"type": "fedora", "idList": ["FEDORA:174EB214C3", "FEDORA:2C9CC214AD", "FEDORA:339B620DE9", "FEDORA:520CC20C2F", "FEDORA:729B120E3B", "FEDORA:910AD21001", "FEDORA:B7DAD209CA", "FEDORA:CF10E20C82", "FEDORA:DF7CB20842"]}, {"type": "freebsd", "idList": ["1E14D46F-AF1F-11E1-B242-00215AF774F0", "42A2C82A-75B9-11E1-89B4-001EC9578670", "AB9BE2C8-EF91-11E0-AD5A-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201202-02", "GLSA-201310-08"]}, {"type": "nessus", "idList": ["ALA_ALAS-2012-70.NASL", "ALA_ALAS-2012-90.NASL", "CENTOS_RHSA-2012-1258.NASL", "CENTOS_RHSA-2012-1259.NASL", "DEBIAN_DSA-2316.NASL", "DEBIAN_DSA-2459.NASL", "DEBIAN_DSA-2497.NASL", "FEDORA_2011-13492.NASL", "FEDORA_2011-13499.NASL", "FEDORA_2011-13504.NASL", "FEDORA_2012-5352.NASL", "FEDORA_2012-5411.NASL", "FEDORA_2012-5436.NASL", "FEDORA_2012-9103.NASL", "FEDORA_2012-9116.NASL", "FEDORA_2012-9117.NASL", "FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL", "FREEBSD_PKG_42A2C82A75B911E189B4001EC9578670.NASL", "FREEBSD_PKG_AB9BE2C8EF9111E0AD5A00215C6A37BB.NASL", "GENTOO_GLSA-201202-02.NASL", "GENTOO_GLSA-201310-08.NASL", "MANDRIVA_MDVSA-2013-122.NASL", "ORACLELINUX_ELSA-2012-1258.NASL", "ORACLELINUX_ELSA-2012-1259.NASL", "QUAGGA_0_99_17.NASL", "QUAGGA_0_99_19.NASL", "QUAGGA_0_99_20_1.NASL", "QUAGGA_0_99_21.NASL", "REDHAT-RHSA-2012-1258.NASL", "REDHAT-RHSA-2012-1259.NASL", "SL_20120912_QUAGGA_ON_SL5_X.NASL", "SL_20120912_QUAGGA_ON_SL6_X.NASL", "SOLARIS11_QUAGGA_20120404.NASL", "SOLARIS11_QUAGGA_20120821.NASL", "SUSE_11_3_QUAGGA-111013.NASL", "SUSE_11_4_QUAGGA-111013.NASL", "SUSE_11_QUAGGA-110920.NASL", "SUSE_11_QUAGGA-110921.NASL", "SUSE_11_QUAGGA-120430.NASL", "SUSE_QUAGGA-7767.NASL", "SUSE_QUAGGA-7768.NASL", "SUSE_QUAGGA-8108.NASL", "UBUNTU_USN-1261-1.NASL", "UBUNTU_USN-1441-1.NASL", "UBUNTU_USN-1605-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120150", "OPENVAS:1361412562310120299", "OPENVAS:1361412562310121046", "OPENVAS:1361412562310123824", "OPENVAS:1361412562310123825", "OPENVAS:136141256231070405", "OPENVAS:136141256231070412", "OPENVAS:136141256231071177", "OPENVAS:136141256231071263", "OPENVAS:136141256231071290", "OPENVAS:136141256231071476", "OPENVAS:136141256231071542", "OPENVAS:1361412562310840806", "OPENVAS:1361412562310841005", "OPENVAS:1361412562310841186", "OPENVAS:1361412562310863589", "OPENVAS:1361412562310863590", "OPENVAS:1361412562310863781", "OPENVAS:1361412562310864166", "OPENVAS:1361412562310864169", "OPENVAS:1361412562310864412", "OPENVAS:1361412562310864480", "OPENVAS:1361412562310864485", "OPENVAS:1361412562310864486", "OPENVAS:1361412562310870828", "OPENVAS:1361412562310870833", "OPENVAS:1361412562310881497", "OPENVAS:1361412562310881499", "OPENVAS:70405", "OPENVAS:70412", "OPENVAS:71177", "OPENVAS:71263", "OPENVAS:71290", "OPENVAS:71476", "OPENVAS:71542", "OPENVAS:840806", "OPENVAS:841005", "OPENVAS:841186", "OPENVAS:863589", "OPENVAS:863590", "OPENVAS:863781", "OPENVAS:864166", "OPENVAS:864169", "OPENVAS:864412", "OPENVAS:864480", "OPENVAS:864485", "OPENVAS:864486", "OPENVAS:870828", "OPENVAS:870833", "OPENVAS:881497", "OPENVAS:881499"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1258", "ELSA-2012-1259", "ELSA-2017-0794"]}, {"type": "osv", "idList": ["OSV:DSA-2316-1", "OSV:DSA-2459-1", "OSV:DSA-2459-2", "OSV:DSA-2497-1"]}, {"type": "redhat", "idList": ["RHSA-2012:1258"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27140", "SECURITYVULNS:VULN:11957"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:1155-1", "SUSE-SU-2011:1075-1", "SUSE-SU-2011:1171-1", "SUSE-SU-2011:1316-1"]}, {"type": "ubuntu", "idList": ["USN-1261-1", "USN-1441-1", "USN-1605-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-3323", "UB:CVE-2011-3324", "UB:CVE-2011-3325", "UB:CVE-2011-3326", "UB:CVE-2011-3327", "UB:CVE-2012-0249", "UB:CVE-2012-0250", "UB:CVE-2012-0255", "UB:CVE-2012-1820"]}]}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2012-070"]}, {"type": "centos", "idList": ["CESA-2012:1258", "CESA-2012:1259"]}, {"type": "cert", "idList": ["VU:668534"]}, {"type": "cve", "idList": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2497-1:C0241"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-3327", "DEBIANCVE:CVE-2012-0249"]}, {"type": "fedora", "idList": ["FEDORA:174EB214C3", "FEDORA:DF7CB20842"]}, {"type": "freebsd", "idList": ["1E14D46F-AF1F-11E1-B242-00215AF774F0", "42A2C82A-75B9-11E1-89B4-001EC9578670", "AB9BE2C8-EF91-11E0-AD5A-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201310-08"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/GENTOO-LINUX-CVE-2012-0249/"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2316.NASL", "FEDORA_2011-13499.NASL", "FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120299", "OPENVAS:136141256231070405", "OPENVAS:1361412562310870828", "OPENVAS:841186", "OPENVAS:864166", "OPENVAS:870828"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1258"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27140"]}, {"type": "suse", "idList": ["SUSE-SU-2011:1075-1"]}, {"type": "ubuntu", "idList": ["USN-1261-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-3326"]}]}, "exploitation": null, "vulnersScore": 0.8}, "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-debuginfo-0.99.15-7.el6_3.2.x86_64.rpm", "operator": "lt", "packageName": "quagga-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-devel-0.99.15-7.el6_3.2.s390.rpm", "operator": "lt", "packageName": "quagga-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-contrib-0.99.15-7.el6_3.2.x86_64.rpm", "operator": "lt", "packageName": "quagga-contrib"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-contrib-0.99.15-7.el6_3.2.ppc64.rpm", "operator": "lt", "packageName": "quagga-contrib"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-debuginfo-0.99.15-7.el6_3.2.s390x.rpm", "operator": "lt", "packageName": "quagga-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-contrib-0.99.15-7.el6_3.2.s390x.rpm", "operator": "lt", "packageName": "quagga-contrib"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-debuginfo-0.99.15-7.el6_3.2.ppc.rpm", "operator": "lt", "packageName": "quagga-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-0.99.15-7.el6_3.2.ppc64.rpm", "operator": "lt", "packageName": "quagga"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-0.99.15-7.el6_3.2.i686.rpm", "operator": "lt", "packageName": "quagga"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-0.99.15-7.el6_3.2.s390x.rpm", "operator": "lt", "packageName": "quagga"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-devel-0.99.15-7.el6_3.2.s390x.rpm", "operator": "lt", "packageName": "quagga-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-contrib-0.99.15-7.el6_3.2.i686.rpm", "operator": "lt", "packageName": "quagga-contrib"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-devel-0.99.15-7.el6_3.2.i686.rpm", "operator": "lt", "packageName": "quagga-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-devel-0.99.15-7.el6_3.2.ppc64.rpm", "operator": "lt", "packageName": "quagga-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-devel-0.99.15-7.el6_3.2.ppc.rpm", "operator": "lt", "packageName": "quagga-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-0.99.15-7.el6_3.2.x86_64.rpm", "operator": "lt", "packageName": "quagga"}, {"OS": "RedHat", "OSVersion": "6", "arch": "src", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-0.99.15-7.el6_3.2.src.rpm", "operator": "lt", "packageName": "quagga"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-debuginfo-0.99.15-7.el6_3.2.ppc64.rpm", "operator": "lt", "packageName": "quagga-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-devel-0.99.15-7.el6_3.2.x86_64.rpm", "operator": "lt", "packageName": "quagga-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-debuginfo-0.99.15-7.el6_3.2.i686.rpm", "operator": "lt", "packageName": "quagga-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390", "packageVersion": "0.99.15-7.el6_3.2", "packageFilename": "quagga-debuginfo-0.99.15-7.el6_3.2.s390.rpm", "operator": "lt", "packageName": "quagga-debuginfo"}], "vendorCvss": {"severity": "moderate"}, "_state": {"dependencies": 1660004461, "score": 1659821240}, "_internal": {"score_hash": "d39694ac920b4480fc311a8882587690"}}
{"securityvulns": [{"lastseen": "2018-08-31T11:09:44", "description": "Multiple memory corruptions on OSPF and BGP packets parsing.", "edition": 1, "cvss3": {}, "published": "2011-10-10T00:00:00", "title": "quagga route daemon multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2011-10-10T00:00:00", "id": "SECURITYVULNS:VULN:11957", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11957", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:42", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2316-1 security@debian.org\r\nhttp://www.debian.org/security/ Florian Weimer\r\nOctober 05, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : quagga\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327\r\n\r\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several\r\nvulnerabilities in Quagga, an Internet routing daemon:\r\n\r\nCVE-2011-3323\r\n A stack-based buffer overflow while decoding Link State Update\r\n packets with a malformed Inter Area Prefix LSA can cause the\r\n ospf6d process to crash or (potentially) execute arbitrary\r\n code.\r\n\r\nCVE-2011-3324\r\n The ospf6d process can crash while processing a Database\r\n Description packet with a crafted Link-State-Advertisement.\r\n\r\nCVE-2011-3325\r\n The ospfd process can crash while processing a crafted Hello\r\n packet.\r\n\r\nCVE-2011-3326\r\n The ospfd process crashes while processing\r\n Link-State-Advertisements of a type not known to Quagga.\r\n\r\nCVE-2011-3327\r\n A heap-based buffer overflow while processing BGP UPDATE\r\n messages containing an Extended Communities path attribute\r\n can cause the bgpd process to crash or (potentially) execute\r\n arbitrary code.\r\n\r\nThe OSPF-related vulnerabilities require that potential attackers send\r\npackets to a vulnerable Quagga router; the packets are not distributed\r\nover OSPF. In contrast, the BGP UPDATE messages could be propagated\r\nby some routers.\r\n\r\nFor the oldstable distribution (lenny), these problems have been fixed\r\nin version 0.99.10-1lenny6.\r\n\r\nFor the stable distribution (squeeze), these problems have been fixed\r\nin version 0.99.17-2+squeeze3.\r\n\r\nFor the testing distribution (wheezy) and the unstable distribution\r\n(sid), these problems have been fixed in version 0.99.19-1.\r\n\r\nWe recommend that you upgrade your quagga packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJOjKspAAoJEL97/wQC1SS+rCgH/0DNOzTL5KtWQGwJ0OCYg8i2\r\nswX29kErsfqwsr4tQCeCDZ/W+ymoOzahDUAtninEPuP/owdZEuSHTQEmcfuVgSiO\r\n84o0uGmyxLMjsTpK8x+1+H0q3cx8hqOyAEZkAccS3PBpqXIe5XgZt66K0bISuGA2\r\nqk0jRqbhIKfxpf+o2kZxPUNHajMYKsnNPZ66XCThQuTZJ2QGqj0crnwgzCf9zSCr\r\nyWUWasLz24AZvf0L7dt+8sJHK6QYC7MUeRC1D5M5DBLfolATWSQeBxnKrNJyr9zx\r\nuEQS2EaktxkuWPJqh2e/R6sMJUH0RUlK3ewFZWRkJL2w/kLrTBNpD6XH5esQM4M=\r\n=xojO\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2011-10-10T00:00:00", "title": "[SECURITY] [DSA 2316-1] quagga security update", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2011-10-10T00:00:00", "id": "SECURITYVULNS:DOC:27140", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27140", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1259-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1259-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870828\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:41:23 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1259-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1259-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"quagga on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1259 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881497", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881497", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1259 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881497\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:48:27 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1259\");\n script_name(\"CentOS Update for quagga CESA-2012:1259 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"quagga on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n\n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n\n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n\n Two flaws were found in the way the bgpd daemon processed certain BGP OPEN\n messages. A configured BGP peer could cause bgpd on a target system to\n abort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\n CVE-2012-1820)\n\n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. And the\n CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\n CVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\n Taimisto of the Codenomicon CROSS project as the original reporters of\n CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\n CVE-2011-3326. The CERT/CC acknowle ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:06:31", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1259 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:881497", "href": "http://plugins.openvas.org/nasl.php?oid=881497", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1259 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n \n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n \n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n \n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n \n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n \n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n \n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n \n Two flaws were found in the way the bgpd daemon processed certain BGP OPEN\n messages. A configured BGP peer could cause bgpd on a target system to\n abort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\n CVE-2012-1820)\n \n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\n CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\n CVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\n Taimisto of the Codenomicon CROSS project as the original reporters of\n CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\n CVE-2011-3326. The CERT/CC acknowle ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\");\n script_id(881497);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:48:27 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1259\");\n script_name(\"CentOS Update for quagga CESA-2012:1259 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:04", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1259-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:870828", "href": "http://plugins.openvas.org/nasl.php?oid=870828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1259-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00015.html\");\n script_id(870828);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:41:23 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\",\n \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1259-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1259-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.15~7.el6_3.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:10", "description": "Oracle Linux Local Security Checks ELSA-2012-1259", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1259", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123824", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123824", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1259.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123824\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:02 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1259\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1259 - quagga security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1259\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1259.html\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.15~7.el6_3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864169", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864169", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5436\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864169\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:01 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5436\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5436\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:06:48", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5436", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:864169", "href": "http://plugins.openvas.org/nasl.php?oid=864169", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5436\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n\n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n\n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\");\n script_id(864169);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:01 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5436\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5436\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:07:14", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9117", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864485", "href": "http://plugins.openvas.org/nasl.php?oid=864485", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9117\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\");\n script_id(864485);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:25:03 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\", \"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\",\n \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9117\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9117\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9117", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864485", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864485", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9117\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864485\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:25:03 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\", \"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\",\n \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9117\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9117\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1258 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1258 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881499\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:49:58 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1258\");\n script_name(\"CentOS Update for quagga CESA-2012:1258 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"quagga on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n\n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n\n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n\n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n\n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. And the\n CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\n Riku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\n project as the original reporters of CVE-2011-3327, CVE-2011-3323,\n CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\n Martin Winte ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:58:08", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for quagga CESA-2012:1258 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:881499", "href": "http://plugins.openvas.org/nasl.php?oid=881499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for quagga CESA-2012:1258 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n \n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n \n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n \n A flaw was found in the way the ospf6d daemon processed malformed link\n state advertisements. An OSPF neighbor could use this flaw to crash\n ospf6d on a target system. (CVE-2011-3324)\n \n A flaw was found in the way the ospfd daemon processed malformed Hello\n packets. An OSPF neighbor could use this flaw to crash ospfd on a\n target system. (CVE-2011-3325)\n \n A flaw was found in the way the ospfd daemon processed malformed link state\n advertisements. An OSPF router in the autonomous system could use this flaw\n to crash ospfd on a target system. (CVE-2011-3326)\n \n An assertion failure was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n \n A buffer overflow flaw was found in the way the ospfd daemon processed\n certain Link State Update packets. An OSPF router could use this flaw to\n crash ospfd on an adjacent router. (CVE-2012-0250)\n \n Red Hat would like to thank CERT-FI for reporting CVE-2011-3327,\n CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\n CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\n Riku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\n project as the original reporters of CVE-2011-3327, CVE-2011-3323,\n CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\n Martin Winte ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\");\n script_id(881499);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:49:58 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1258\");\n script_name(\"CentOS Update for quagga CESA-2012:1258 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:53", "description": "Oracle Linux Local Security Checks ELSA-2012-1258", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1258", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123825", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123825", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1258.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123825\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:03 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1258\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1258 - quagga security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1258\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1258.html\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1258-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870833", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870833", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1258-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00014.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870833\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:42:09 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1258-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1258-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"quagga on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:29", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for quagga RHSA-2012:1258-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:870833", "href": "http://plugins.openvas.org/nasl.php?oid=870833", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for quagga RHSA-2012:1258-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\n implements the BGP (Border Gateway Protocol) routing protocol. The Quagga\n ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\n routing protocol.\n\n A heap-based buffer overflow flaw was found in the way the bgpd daemon\n processed malformed Extended Communities path attributes. An attacker could\n send a specially-crafted BGP message, causing bgpd on a target system to\n crash or, possibly, execute arbitrary code with the privileges of the user\n running bgpd. The UPDATE message would have to arrive from an explicitly\n configured BGP peer, but could have originated elsewhere in the BGP\n network. (CVE-2011-3327)\n\n A NULL pointer dereference flaw was found in the way the bgpd daemon\n processed malformed route Extended Communities attributes. A configured\n BGP peer could crash bgpd on a target system via a specially-crafted BGP\n message. (CVE-2010-1674)\n\n A stack-based buffer overflow flaw was found in the way the ospf6d daemon\n processed malformed Link State Update packets. An OSPF router could use\n this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"quagga on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00014.html\");\n script_id(870833);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:42:09 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\",\n \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1258-01\");\n script_name(\"RedHat Update for quagga RHSA-2012:1258-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.98.6~7.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:53", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2011-13504", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863590", "href": "http://plugins.openvas.org/nasl.php?oid=863590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2011-13504\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"quagga on Fedora 15\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068234.html\");\n script_id(863590);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-13504\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\",\n \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_name(\"Fedora Update for quagga FEDORA-2011-13504\");\n\n script_summary(\"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:43", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-10-16T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:70412", "href": "http://plugins.openvas.org/nasl.php?oid=70412", "sourceData": "#\n#VID ab9be2c8-ef91-11e0-ad5a-00215c6a37bb\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID ab9be2c8-ef91-11e0-ad5a-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: quagga\n\nCVE-2011-3323\nThe OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows\nremote attackers to cause a denial of service (out-of-bounds memory\naccess and daemon crash) via a Link State Update message with an\ninvalid IPv6 prefix length.\nCVE-2011-3324\nThe ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3\nimplementation in ospf6d in Quagga before 0.99.19 allows remote\nattackers to cause a denial of service (assertion failure and daemon\nexit) via trailing zero values in the Link State Advertisement (LSA)\nheader list of an IPv6 Database Description message.\nCVE-2011-3325\nospf_packet.c in ospfd in Quagga before 0.99.19 allows remote\nattackers to cause a denial of service (daemon crash) via (1) a 0x0a\ntype field in an IPv4 packet header or (2) a truncated IPv4 Hello\npacket.\nCVE-2011-3326\nThe ospf_flood function in ospf_flood.c in ospfd in Quagga before\n0.99.19 allows remote attackers to cause a denial of service (daemon\ncrash) via an invalid Link State Advertisement (LSA) type in an IPv4\nLink State Update message.\nCVE-2011-3327\nHeap-based buffer overflow in the ecommunity_ecom2str function in\nbgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote\nattackers to cause a denial of service (daemon crash) or possibly\nexecute arbitrary code by sending a crafted BGP UPDATE message over\nIPv4.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\nif(description)\n{\n script_id(70412);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-16 23:01:53 +0200 (Sun, 16 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_name(\"FreeBSD Ports: quagga\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.19\")<0) {\n txt += 'Package quagga version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2011-13504", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2011-13504\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068234.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863590\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-13504\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\",\n \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_name(\"Fedora Update for quagga FEDORA-2011-13504\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2011-13492", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863781", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863781", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2011-13492\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068314.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863781\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:15:14 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-13492\");\n script_name(\"Fedora Update for quagga FEDORA-2011-13492\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:27:06", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1261-1", "cvss3": {}, "published": "2011-11-18T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1261-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840806", "href": "http://plugins.openvas.org/nasl.php?oid=840806", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1261_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for quagga USN-1261-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled Link State Update messages with invalid lengths. A\n remote attacker could use this flaw to cause Quagga to crash, resulting in\n a denial of service. (CVE-2011-3323)\n\n Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled certain IPv6 Database Description messages. A remote\n attacker could use this flaw to cause Quagga to crash, resulting in a\n denial of service. (CVE-2011-3324)\n\n Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled certain IPv4 packets. A remote attacker could use this\n flaw to cause Quagga to crash, resulting in a denial of service.\n (CVE-2011-3325)\n\n Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled invalid Link State Advertisement (LSA) types. A remote\n attacker could use this flaw to cause Quagga to crash, resulting in a\n denial of service. (CVE-2011-3326)\n\n Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled certain BGP UPDATE messages. A remote attacker could\n use this flaw to cause Quagga to crash, or possibly execute arbitrary\n code. (CVE-2011-3327)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1261-1\";\ntag_affected = \"quagga on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1261-1/\");\n script_id(840806);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-18 09:47:01 +0530 (Fri, 18 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1261-1\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_name(\"Ubuntu Update for quagga USN-1261-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.17-1ubuntu0.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.15-1ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.17-4ubuntu1.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:59", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-10-16T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231070412", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070412", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_quagga2.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID ab9be2c8-ef91-11e0-ad5a-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70412\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-16 23:01:53 +0200 (Sun, 16 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_name(\"FreeBSD Ports: quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: quagga\n\nCVE-2011-3323\nThe OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows\nremote attackers to cause a denial of service (out-of-bounds memory\naccess and daemon crash) via a Link State Update message with an\ninvalid IPv6 prefix length.\nCVE-2011-3324\nThe ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3\nimplementation in ospf6d in Quagga before 0.99.19 allows remote\nattackers to cause a denial of service (assertion failure and daemon\nexit) via trailing zero values in the Link State Advertisement (LSA)\nheader list of an IPv6 Database Description message.\nCVE-2011-3325\nospf_packet.c in ospfd in Quagga before 0.99.19 allows remote\nattackers to cause a denial of service (daemon crash) via (1) a 0x0a\ntype field in an IPv4 packet header or (2) a truncated IPv4 Hello\npacket.\nCVE-2011-3326\nThe ospf_flood function in ospf_flood.c in ospfd in Quagga before\n0.99.19 allows remote attackers to cause a denial of service (daemon\ncrash) via an invalid Link State Advertisement (LSA) type in an IPv4\nLink State Update message.\nCVE-2011-3327\nHeap-based buffer overflow in the ecommunity_ecom2str function in\nbgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote\nattackers to cause a denial of service (daemon crash) or possibly\nexecute arbitrary code by sending a crafted BGP UPDATE message over\nIPv4.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.19\")<0) {\n txt += 'Package quagga version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2316-1.", "cvss3": {}, "published": "2011-10-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2316-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070405", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070405", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2316_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2316-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70405\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-16 23:01:53 +0200 (Sun, 16 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_name(\"Debian Security Advisory DSA 2316-1 (quagga)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202316-1\");\n script_tag(name:\"insight\", value:\"Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several\nvulnerabilities in Quagga, an Internet routing daemon:\n\nCVE-2011-3323\nA stack-based buffer overflow while decoding Link State Update\npackets with a malformed Inter Area Prefix LSA can cause the\nospf6d process to crash or (potentially) execute arbitrary\ncode.\n\nCVE-2011-3324\nThe ospf6d process can crash while processing a Database\nDescription packet with a crafted Link-State-Advertisement.\n\nCVE-2011-3325\nThe ospfd process can crash while processing a crafted Hello\npacket.\n\nCVE-2011-3326\nThe ospfd process crashes while processing\nLink-State-Advertisements of a type not known to Quagga.\n\nCVE-2011-3327\nA heap-based buffer overflow while processing BGP UPDATE\nmessages containing an Extended Communities path attribute\ncan cause the bgpd process to crash or (potentially) execute\narbitrary code.\n\nThe OSPF-related vulnerabilities require that potential attackers send\npackets to a vulnerable Quagga router. The packets are not distributed\nover OSPF. In contrast, the BGP UPDATE messages could be propagated\nby some routers.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.99.10-1lenny6.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.17-2+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.19-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your quagga packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to quagga\nannounced via advisory DSA 2316-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.10-1lenny6\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.10-1lenny6\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.17-2+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.17-2+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:55:35", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2316-1.", "cvss3": {}, "published": "2011-10-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2316-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70405", "href": "http://plugins.openvas.org/nasl.php?oid=70405", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2316_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2316-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several\nvulnerabilities in Quagga, an Internet routing daemon:\n\nCVE-2011-3323\nA stack-based buffer overflow while decoding Link State Update\npackets with a malformed Inter Area Prefix LSA can cause the\nospf6d process to crash or (potentially) execute arbitrary\ncode.\n\nCVE-2011-3324\nThe ospf6d process can crash while processing a Database\nDescription packet with a crafted Link-State-Advertisement.\n\nCVE-2011-3325\nThe ospfd process can crash while processing a crafted Hello\npacket.\n\nCVE-2011-3326\nThe ospfd process crashes while processing\nLink-State-Advertisements of a type not known to Quagga.\n\nCVE-2011-3327\nA heap-based buffer overflow while processing BGP UPDATE\nmessages containing an Extended Communities path attribute\ncan cause the bgpd process to crash or (potentially) execute\narbitrary code.\n\nThe OSPF-related vulnerabilities require that potential attackers send\npackets to a vulnerable Quagga router; the packets are not distributed\nover OSPF. In contrast, the BGP UPDATE messages could be propagated\nby some routers.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.99.10-1lenny6.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.17-2+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.19-1.\n\nWe recommend that you upgrade your quagga packages.\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory DSA 2316-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202316-1\";\n\n\nif(description)\n{\n script_id(70405);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-16 23:01:53 +0200 (Sun, 16 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_name(\"Debian Security Advisory DSA 2316-1 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.10-1lenny6\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.10-1lenny6\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.17-2+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.17-2+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:10", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2011-13492", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:863781", "href": "http://plugins.openvas.org/nasl.php?oid=863781", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2011-13492\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n\n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n\n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068314.html\");\n script_id(863781);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:15:14 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-13492\");\n script_name(\"Fedora Update for quagga FEDORA-2011-13492\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:52", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1261-1", "cvss3": {}, "published": "2011-11-18T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1261-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840806", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840806", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1261_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for quagga USN-1261-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1261-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840806\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-18 09:47:01 +0530 (Fri, 18 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1261-1\");\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_name(\"Ubuntu Update for quagga USN-1261-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1261-1\");\n script_tag(name:\"affected\", value:\"quagga on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled Link State Update messages with invalid lengths. A\n remote attacker could use this flaw to cause Quagga to crash, resulting in\n a denial of service. (CVE-2011-3323)\n\n Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled certain IPv6 Database Description messages. A remote\n attacker could use this flaw to cause Quagga to crash, resulting in a\n denial of service. (CVE-2011-3324)\n\n Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled certain IPv4 packets. A remote attacker could use this\n flaw to cause Quagga to crash, resulting in a denial of service.\n (CVE-2011-3325)\n\n Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled invalid Link State Advertisement (LSA) types. A remote\n attacker could use this flaw to cause Quagga to crash, resulting in a\n denial of service. (CVE-2011-3326)\n\n Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga\n incorrectly handled certain BGP UPDATE messages. A remote attacker could\n use this flaw to cause Quagga to crash, or possibly execute arbitrary\n code. (CVE-2011-3327)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.17-1ubuntu0.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.15-1ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.17-4ubuntu1.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:28", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2011-13499", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2010-1675", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863589", "href": "http://plugins.openvas.org/nasl.php?oid=863589", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2011-13499\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"quagga on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068207.html\");\n script_id(863589);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-13499\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2010-1674\", \"CVE-2010-1675\");\n script_name(\"Fedora Update for quagga FEDORA-2011-13499\");\n\n script_summary(\"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20~2.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2011-13499", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2010-1675", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863589", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863589", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2011-13499\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068207.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863589\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-13499\");\n script_cve_id(\"CVE-2011-3325\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3326\",\n \"CVE-2011-3327\", \"CVE-2010-1674\", \"CVE-2010-1675\");\n script_name(\"Fedora Update for quagga FEDORA-2011-13499\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20~2.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:31", "description": "Gentoo Linux Local Security Checks GLSA 201310-08", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201310-08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2013-2236"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121046", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121046", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201310-08.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121046\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:06 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201310-08\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201310-08\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\", \"CVE-2013-2236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201310-08\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-misc/quagga\", unaffected: make_list(\"ge 0.99.22.4\"), vulnerable: make_list(\"lt 0.99.22.4\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5411", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864166", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864166", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864166\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:52:52 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5411\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5411\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5352", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864412", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864412", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5352\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864412\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:08:55 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5352\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5352\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:24", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1441-1", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1441-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841005", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841005", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1441_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for quagga USN-1441-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1441-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841005\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-17 10:32:32 +0530 (Thu, 17 May 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1441-1\");\n script_name(\"Ubuntu Update for quagga USN-1441-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1441-1\");\n script_tag(name:\"affected\", value:\"quagga on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga incorrectly handled Link State Update\n messages with invalid lengths. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0249,\n CVE-2012-0250)\n\n It was discovered that Quagga incorrectly handled messages with a malformed\n Four-octet AS Number Capability. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071290", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071290", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_quagga3.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71290\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:26 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n quagga\n quagga-re\n\nCVE-2012-0249\nBuffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c\nin the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1\nallows remote attackers to cause a denial of service (assertion\nfailure and daemon exit) via a Link State Update (aka LS Update)\npacket that is smaller than the length specified in its header.\nCVE-2012-0250\nBuffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\nCVE-2012-0255\nThe BGP implementation in bgpd in Quagga before 0.99.20.1 does not\nproperly use message buffers for OPEN messages, which allows remote\nattackers to cause a denial of service (assertion failure and daemon\nexit) via a message associated with a malformed Four-octet AS Number\nCapability (aka AS4 capability).\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/551715\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.8\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2459-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071263", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071263", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2459_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2459-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71263\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:58:15 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2459-1 (quagga)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202459-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\nA buffer overflow in the ospf_ls_upd_list_lsa function in the\nOSPFv2 implementation allows remote attackers to cause a\ndenial of service (assertion failure and daemon exit) via a\nLink State Update (aka LS Update) packet that is smaller than\nthe length specified in its header.\n\nCVE-2012-0250\nA buffer overflow in the OSPFv2 implementation allows remote\nattackers to cause a denial of service (daemon crash) via a\nLink State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the\ndata-structure length is smaller than the value in the Length\nheader field.\n\nCVE-2012-0255\nThe BGP implementation does not properly use message buffers\nfor OPEN messages, which allows remote attackers impersonating\na configured BGP peer to cause a denial of service (assertion\nfailure and daemon exit) via a message associated with a\nmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your quagga packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:10:50", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-04-10T00:00:00", "id": "OPENVAS:71290", "href": "http://plugins.openvas.org/nasl.php?oid=71290", "sourceData": "#\n#VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 42a2c82a-75b9-11e1-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n quagga\n quagga-re\n\nCVE-2012-0249\nBuffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c\nin the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1\nallows remote attackers to cause a denial of service (assertion\nfailure and daemon exit) via a Link State Update (aka LS Update)\npacket that is smaller than the length specified in its header.\nCVE-2012-0250\nBuffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\nCVE-2012-0255\nThe BGP implementation in bgpd in Quagga before 0.99.20.1 does not\nproperly use message buffers for OPEN messages, which allows remote\nattackers to cause a denial of service (assertion failure and daemon\nexit) via a message associated with a malformed Four-octet AS Number\nCapability (aka AS4 capability).\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kb.cert.org/vuls/id/551715\nhttp://www.vuxml.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71290);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 5912 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-10 11:01:51 +0200 (Mon, 10 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:26 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.8\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:30", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2459-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71263", "href": "http://plugins.openvas.org/nasl.php?oid=71263", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2459_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2459-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\nA buffer overflow in the ospf_ls_upd_list_lsa function in the\nOSPFv2 implementation allows remote attackers to cause a\ndenial of service (assertion failure and daemon exit) via a\nLink State Update (aka LS Update) packet that is smaller than\nthe length specified in its header.\n\nCVE-2012-0250\nA buffer overflow in the OSPFv2 implementation allows remote\nattackers to cause a denial of service (daemon crash) via a\nLink State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the\ndata-structure length is smaller than the value in the Length\nheader field.\n\nCVE-2012-0255\nThe BGP implementation does not properly use message buffers\nfor OPEN messages, which allows remote attackers impersonating\na configured BGP peer to cause a denial of service (assertion\nfailure and daemon exit) via a message associated with a\nmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\nWe recommend that you upgrade your quagga packages.\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory DSA 2459-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202459-1\";\n\nif(description)\n{\n script_id(71263);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:58:15 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2459-1 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:41", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5411", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864166", "href": "http://plugins.openvas.org/nasl.php?oid=864166", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n\n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n\n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\");\n script_id(864166);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:52:52 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5411\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5411\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:57:28", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-5352", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864412", "href": "http://plugins.openvas.org/nasl.php?oid=864412", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-5352\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is a free software that manages TCP/IP based routing\n protocol. It takes multi-server and multi-thread approach to resolve\n the current complexity of the Internet.\n\n Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit, it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\");\n script_id(864412);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:08:55 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5352\");\n script_name(\"Fedora Update for quagga FEDORA-2012-5352\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:20:55", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1441-1", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1441-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841005", "href": "http://plugins.openvas.org/nasl.php?oid=841005", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1441_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for quagga USN-1441-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga incorrectly handled Link State Update\n messages with invalid lengths. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0249,\n CVE-2012-0250)\n\n It was discovered that Quagga incorrectly handled messages with a malformed\n Four-octet AS Number Capability. A remote attacker could use this flaw to\n cause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1441-1\";\ntag_affected = \"quagga on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1441-1/\");\n script_id(841005);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-17 10:32:32 +0530 (Thu, 17 May 2012)\");\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1441-1\");\n script_name(\"Ubuntu Update for quagga USN-1441-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:36", "description": "The remote host is missing updates announced in\nadvisory GLSA 201202-02.", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201202-02 (Quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2949", "CVE-2011-3326", "CVE-2011-3325", "CVE-2010-2948", "CVE-2010-1675", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231071177", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071177", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201202_02.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71177\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2010-1675\", \"CVE-2010-2948\", \"CVE-2010-2949\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:34 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201202-02 (Quagga)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in Quagga, the worst of which\n leading to remote execution of arbitrary code.\");\n script_tag(name:\"solution\", value:\"All Quagga users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/quagga-0.99.20'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201202-02\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=334303\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=359903\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=384651\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201202-02.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-misc/quagga\", unaffected: make_list(\"ge 0.99.20\"), vulnerable: make_list(\"lt 0.99.20\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:55", "description": "The remote host is missing updates announced in\nadvisory GLSA 201202-02.", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201202-02 (Quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2949", "CVE-2011-3326", "CVE-2011-3325", "CVE-2010-2948", "CVE-2010-1675", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71177", "href": "http://plugins.openvas.org/nasl.php?oid=71177", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in Quagga, the worst of which\n leading to remote execution of arbitrary code.\";\ntag_solution = \"All Quagga users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/quagga-0.99.20'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201202-02\nhttp://bugs.gentoo.org/show_bug.cgi?id=334303\nhttp://bugs.gentoo.org/show_bug.cgi?id=359903\nhttp://bugs.gentoo.org/show_bug.cgi?id=384651\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201202-02.\";\n\n \n \nif(description)\n{\n script_id(71177);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-1674\", \"CVE-2010-1675\", \"CVE-2010-2948\", \"CVE-2010-2949\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:34 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201202-02 (Quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-misc/quagga\", unaffected: make_list(\"ge 0.99.20\"), vulnerable: make_list(\"lt 0.99.20\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:40", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:864486", "href": "http://plugins.openvas.org/nasl.php?oid=864486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9103\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is free software that operates TCP/IP-based routing protocols. It takes\n a multi-server and multi-threaded approach to resolving the current complexity\n of the Internet.\n\n Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2,\n OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit; it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\");\n script_id(864486);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:25:17 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9103\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9103\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864486", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9103\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864486\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:25:17 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9103\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9103\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-08T12:56:56", "description": "Check for the Version of quagga", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9116", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864480", "href": "http://plugins.openvas.org/nasl.php?oid=864480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9116\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Quagga is free software that operates TCP/IP-based routing protocols. It takes\n a multi-server and multi-threaded approach to resolving the current complexity\n of the Internet.\n\n Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2,\n OSPFv3, RIPv1, RIPv2, and RIPng.\n \n Quagga is intended to be used as a Route Server and a Route Reflector. It is\n not a toolkit; it provides full routing power under a new architecture.\n Quagga by design has a process for each protocol.\n \n Quagga is a fork of GNU Zebra.\";\n\ntag_affected = \"quagga on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\");\n script_id(864480);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:24:54 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9116\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9116\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:03:40", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-90)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120299", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120299\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:23:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-90)\");\n script_tag(name:\"insight\", value:\"The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.\");\n script_tag(name:\"solution\", value:\"Run yum update quagga to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-90.html\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.20.1~1.5.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2497-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071476", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071476", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2497_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2497-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71476\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:06:44 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2497-1 (quagga)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202497-1\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your quagga packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.21-3\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:50:36", "description": "The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2497-1 (quagga)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71476", "href": "http://plugins.openvas.org/nasl.php?oid=71476", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2497_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2497-1 (quagga)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\nWe recommend that you upgrade your quagga packages.\";\ntag_summary = \"The remote host is missing an update to quagga\nannounced via advisory DSA 2497-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202497-1\";\n\nif(description)\n{\n script_id(71476);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:06:44 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2497-1 (quagga)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.20.1-0+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-dbg\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"quagga-doc\", ver:\"0.99.21-3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:41", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-04-14T00:00:00", "id": "OPENVAS:71542", "href": "http://plugins.openvas.org/nasl.php?oid=71542", "sourceData": "#\n#VID 1e14d46f-af1f-11e1-b242-00215af774f0\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 1e14d46f-af1f-11e1-b242-00215af774f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n quagga\n quagga-re\n\nCVE-2012-1820\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kb.cert.org/vuls/id/962587\nhttp://www.vuxml.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71542);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 5956 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-14 11:02:12 +0200 (Fri, 14 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:17 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<=0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.10\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:21:08", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1605-1", "cvss3": {}, "published": "2012-10-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1605-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841186", "href": "http://plugins.openvas.org/nasl.php?oid=841186", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1605_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for quagga USN-1605-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Quagga incorrectly handled certain malformed\n messages. A remote attacker could use this flaw to cause Quagga to crash,\n resulting in a denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1605-1\";\ntag_affected = \"quagga on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1605-1/\");\n script_id(841186);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-12 09:20:37 +0530 (Fri, 12 Oct 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1605-1\");\n script_name(\"Ubuntu Update for quagga USN-1605-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1605-1", "cvss3": {}, "published": "2012-10-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for quagga USN-1605-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841186", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841186", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1605_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for quagga USN-1605-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1605-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841186\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-12 09:20:37 +0530 (Fri, 12 Oct 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1605-1\");\n script_name(\"Ubuntu Update for quagga USN-1605-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1605-1\");\n script_tag(name:\"affected\", value:\"quagga on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Quagga incorrectly handled certain malformed\n messages. A remote attacker could use this flaw to cause Quagga to crash,\n resulting in a denial of service.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.10.04.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.12.04.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.10.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"quagga\", ver:\"0.99.20.1-0ubuntu0.11.04.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Fedora Update for quagga FEDORA-2012-9116", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864480", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for quagga FEDORA-2012-9116\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864480\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:24:54 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-1820\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9116\");\n script_name(\"Fedora Update for quagga FEDORA-2012-9116\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'quagga'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"quagga on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.21~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:01", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: quagga", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071542", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071542", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_quagga4.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 1e14d46f-af1f-11e1-b242-00215af774f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71542\");\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-1820\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:17 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"FreeBSD Ports: quagga\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n quagga\n quagga-re\n\nCVE-2012-1820\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/962587\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"quagga\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.20.1\")<=0) {\n txt += \"Package quagga version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"quagga-re\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.99.17.10\")<0) {\n txt += \"Package quagga-re version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T23:03:45", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-70)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120150", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120150", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120150\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:40 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-70)\");\n script_tag(name:\"insight\", value:\"Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.\");\n script_tag(name:\"solution\", value:\"Run yum update quagga to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-70.html\");\n script_cve_id(\"CVE-2012-0250\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"quagga-contrib\", rpm:\"quagga-contrib~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"quagga-debuginfo\", rpm:\"quagga-debuginfo~0.99.20.1~1.4.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:57:09", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "CentOS 6 : quagga (CESA-2012:1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:quagga", "p-cpe:/a:centos:centos:quagga-contrib", "p-cpe:/a:centos:centos:quagga-devel", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/62081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1259 and \n# CentOS Errata and Security Advisory 2012:1259 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62081);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"CentOS 6 : quagga (CESA-2012:1259)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018868.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d4761e3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:34", "description": "From Red Hat Security Advisory 2012:1259 :\n\nUpdated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : quagga (ELSA-2012-1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:quagga", "p-cpe:/a:oracle:linux:quagga-contrib", "p-cpe:/a:oracle:linux:quagga-devel", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/68618", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1259 and \n# Oracle Linux Security Advisory ELSA-2012-1259 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68618);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(42635, 42642, 46942, 46943, 49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"Oracle Linux 6 : quagga (ELSA-2012-1259)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1259 :\n\nUpdated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:17", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "RHEL 6 : quagga (RHSA-2012:1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:quagga", "p-cpe:/a:redhat:enterprise_linux:quagga-contrib", "p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo", "p-cpe:/a:redhat:enterprise_linux:quagga-devel", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2012-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/62070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1259. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62070);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n script_bugtraq_id(49784, 52531, 53775);\n script_xref(name:\"RHSA\", value:\"2012:1259\");\n\n script_name(english:\"RHEL 6 : quagga (RHSA-2012:1259)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0255\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1259\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"quagga-debuginfo-0.99.15-7.el6_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:13", "description": "A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20120912)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:quagga", "p-cpe:/a:fermilab:scientific_linux:quagga-contrib", "p-cpe:/a:fermilab:scientific_linux:quagga-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120912_QUAGGA_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62095", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62095);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20120912)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP\nOPEN messages. A configured BGP peer could cause bgpd on a target\nsystem to abort via a specially crafted BGP OPEN message.\n(CVE-2012-0255, CVE-2012-1820)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255,\nand CVE-2012-1820. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen\nand Jukka Taimisto of the Codenomicon CROSS project as the original\nreporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324,\nCVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin\nWinter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as\nthe original reporter of CVE-2012-1820.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d\ndaemons will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=1641\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b28b4689\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected quagga, quagga-contrib and / or quagga-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"quagga-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-contrib-0.99.15-7.el6_3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"quagga-devel-0.99.15-7.el6_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:09", "description": "A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-14T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : quagga on SL5.x i386/x86_64 (20120912)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:quagga", "p-cpe:/a:fermilab:scientific_linux:quagga-contrib", "p-cpe:/a:fermilab:scientific_linux:quagga-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120912_QUAGGA_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62094", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62094);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n\n script_name(english:\"Scientific Linux Security Update : quagga on SL5.x i386/x86_64 (20120912)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nWe would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nAfter installing the updated packages, the bgpd, ospfd, and ospf6d\ndaemons will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=1762\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?242862fd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected quagga, quagga-contrib and / or quagga-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:06", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "RHEL 5 : quagga (RHSA-2012:1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:quagga", "p-cpe:/a:redhat:enterprise_linux:quagga-contrib", "p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo", "p-cpe:/a:redhat:enterprise_linux:quagga-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/62069", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1258. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62069);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"RHEL 5 : quagga (RHSA-2012:1258)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1258\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0249\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1258\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"quagga-debuginfo-0.98.6-7.el5_8.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:14", "description": "Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-13T00:00:00", "type": "nessus", "title": "CentOS 5 : quagga (CESA-2012:1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:quagga", "p-cpe:/a:centos:centos:quagga-contrib", "p-cpe:/a:centos:centos:quagga-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/62066", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1258 and \n# CentOS Errata and Security Advisory 2012:1258 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62066);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"CentOS 5 : quagga (CESA-2012:1258)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018866.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d6e6aff\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:32", "description": "From Red Hat Security Advisory 2012:1258 :\n\nUpdated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : quagga (ELSA-2012-1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:quagga", "p-cpe:/a:oracle:linux:quagga-contrib", "p-cpe:/a:oracle:linux:quagga-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/68617", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1258 and \n# Oracle Linux Security Advisory ELSA-2012-1258 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68617);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\", \"CVE-2012-0249\", \"CVE-2012-0250\");\n script_bugtraq_id(25634, 42635, 46942, 49784, 52531);\n script_xref(name:\"RHSA\", value:\"2012:1258\");\n\n script_name(english:\"Oracle Linux 5 : quagga (ELSA-2012-1258)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1258 :\n\nUpdated quagga packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd\ndaemon implements the BGP (Border Gateway Protocol) routing protocol.\nThe Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest\nPath First) routing protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker\ncould send a specially crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the\nprivileges of the user running bgpd. The UPDATE message would have to\narrive from an explicitly configured BGP peer, but could have\noriginated elsewhere in the BGP network. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A\nconfigured BGP peer could crash bgpd on a target system via a\nspecially crafted BGP message. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d\ndaemon processed malformed Link State Update packets. An OSPF router\ncould use this flaw to crash ospf6d on an adjacent router.\n(CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link\nstate advertisements. An OSPF router in the autonomous system could\nuse this flaw to crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto cause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw\nto crash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and\nthe CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI\nacknowledges Riku Hietamaki, Tuomo Untinen and Jukka Taimisto of the\nCodenomicon CROSS project as the original reporters of CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The\nCERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the\noriginal reporter of CVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the bgpd, ospfd, and ospf6d daemons will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003022.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"quagga-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"quagga-contrib-0.98.6-7.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"quagga-devel-0.98.6-7.el5_8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:26", "description": "This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa. (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description packet. (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet.\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update.\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP (CVE-2011-3327)", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : quagga (SAT Patch Number 5169)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:quagga", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_QUAGGA-110920.NASL", "href": "https://www.tenable.com/plugins/nessus/57131", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57131);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n\n script_name(english:\"SuSE 11.1 Security Update : quagga (SAT Patch Number 5169)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State\n Update with Inter Area Prefix Lsa. (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description\n packet. (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet.\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update.\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP (CVE-2011-3327)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3323.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3324.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3325.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3326.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3327.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5169.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"quagga-0.99.15-0.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"quagga-0.99.15-0.6.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:24", "description": "This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa. (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description packet. (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet.\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update.\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP. (CVE-2011-3327)", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : quagga (ZYPP Patch Number 7768)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_QUAGGA-7768.NASL", "href": "https://www.tenable.com/plugins/nessus/57250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57250);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n\n script_name(english:\"SuSE 10 Security Update : quagga (ZYPP Patch Number 7768)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State\n Update with Inter Area Prefix Lsa. (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description\n packet. (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet.\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update.\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP. (CVE-2011-3327)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3323.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3324.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3325.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3326.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3327.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7768.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"quagga-0.99.9-14.11.9\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"quagga-devel-0.99.9-14.11.9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:23", "description": "This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa. (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description packet. (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet.\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update.\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP (CVE-2011-3327)", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : quagga (SAT Patch Number 5169)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:quagga", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_QUAGGA-110921.NASL", "href": "https://www.tenable.com/plugins/nessus/57132", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57132);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n\n script_name(english:\"SuSE 11.1 Security Update : quagga (SAT Patch Number 5169)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State\n Update with Inter Area Prefix Lsa. (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description\n packet. (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet.\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update.\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP (CVE-2011-3327)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3323.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3324.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3325.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3326.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3327.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5169.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"quagga-0.99.15-0.6.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:38", "description": "fixes CVE-2011-332{3..7} update to latest upstream 0.99.20 fixes memory leak\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-19T00:00:00", "type": "nessus", "title": "Fedora 14 : quagga-0.99.20-2.fc14 (2011-13499)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-13499.NASL", "href": "https://www.tenable.com/plugins/nessus/56539", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-13499.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56539);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_xref(name:\"FEDORA\", value:\"2011-13499\");\n\n script_name(english:\"Fedora 14 : quagga-0.99.20-2.fc14 (2011-13499)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVE-2011-332{3..7} update to latest upstream 0.99.20 fixes\nmemory leak\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738396\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738400\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-October/068207.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?266a89b2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"quagga-0.99.20-2.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:46", "description": "CERT-FI reports :\n\nFive vulnerabilities have been found in the BGP, OSPF, and OSPFv3 components of Quagga. The vulnerabilities allow an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified packets to an affected server. Routing messages are typically accepted from the routing peers. Exploiting these vulnerabilities may require an established routing session (BGP peering or OSPF/OSPFv3 adjacency) to the router.\n\nThe vulnerability CVE-2011-3327 is related to the extended communities handling in BGP messages. Receiving a malformed BGP update can result in a buffer overflow and disruption of IPv4 routing.\n\nThe vulnerability CVE-2011-3326 results from the handling of LSA (Link State Advertisement) states in the OSPF service. Receiving a modified Link State Update message with malicious state information can result in denial of service in IPv4 routing.\n\nThe vulnerability CVE-2011-3325 is a denial of service vulnerability related to Hello message handling by the OSPF service. As Hello messages are used to initiate adjacencies, exploiting the vulnerability may be feasible from the same broadcast domain without an established adjacency. A malformed packet may result in denial of service in IPv4 routing.\n\nThe vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving modified Database Description and Link State Update messages, respectively, can result in denial of service in IPv6 routing.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-06T00:00:00", "type": "nessus", "title": "FreeBSD : quagga -- multiple vulnerabilities (ab9be2c8-ef91-11e0-ad5a-00215c6a37bb)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:quagga", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_AB9BE2C8EF9111E0AD5A00215C6A37BB.NASL", "href": "https://www.tenable.com/plugins/nessus/56399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56399);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n\n script_name(english:\"FreeBSD : quagga -- multiple vulnerabilities (ab9be2c8-ef91-11e0-ad5a-00215c6a37bb)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CERT-FI reports :\n\nFive vulnerabilities have been found in the BGP, OSPF, and OSPFv3\ncomponents of Quagga. The vulnerabilities allow an attacker to cause a\ndenial of service or potentially to execute his own code by sending a\nspecially modified packets to an affected server. Routing messages are\ntypically accepted from the routing peers. Exploiting these\nvulnerabilities may require an established routing session (BGP\npeering or OSPF/OSPFv3 adjacency) to the router.\n\nThe vulnerability CVE-2011-3327 is related to the extended communities\nhandling in BGP messages. Receiving a malformed BGP update can result\nin a buffer overflow and disruption of IPv4 routing.\n\nThe vulnerability CVE-2011-3326 results from the handling of LSA (Link\nState Advertisement) states in the OSPF service. Receiving a modified\nLink State Update message with malicious state information can result\nin denial of service in IPv4 routing.\n\nThe vulnerability CVE-2011-3325 is a denial of service vulnerability\nrelated to Hello message handling by the OSPF service. As Hello\nmessages are used to initiate adjacencies, exploiting the\nvulnerability may be feasible from the same broadcast domain without\nan established adjacency. A malformed packet may result in denial of\nservice in IPv4 routing.\n\nThe vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the\nIPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving\nmodified Database Description and Link State Update messages,\nrespectively, can result in denial of service in IPv6 routing.\"\n );\n # https://vuxml.freebsd.org/freebsd/ab9be2c8-ef91-11e0-ad5a-00215c6a37bb.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?37704487\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"quagga<0.99.19\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:41", "description": "fixes CVE-2011-332{3..7} update to latest upstream 0.99.20 fixes memory leak\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-19T00:00:00", "type": "nessus", "title": "Fedora 15 : quagga-0.99.20-2.fc15 (2011-13504)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-13504.NASL", "href": "https://www.tenable.com/plugins/nessus/56540", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-13504.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56540);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_xref(name:\"FEDORA\", value:\"2011-13504\");\n\n script_name(english:\"Fedora 15 : quagga-0.99.20-2.fc15 (2011-13504)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVE-2011-332{3..7} update to latest upstream 0.99.20 fixes\nmemory leak\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738396\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738400\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-October/068234.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e2ce42cb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"quagga-0.99.20-2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:41", "description": "fixes CVE-2011-332{3..7} update to latest upstream 0.99.20 fixes memory leak\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-19T00:00:00", "type": "nessus", "title": "Fedora 16 : quagga-0.99.20-2.fc16 (2011-13492)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-13492.NASL", "href": "https://www.tenable.com/plugins/nessus/56538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-13492.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56538);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_xref(name:\"FEDORA\", value:\"2011-13492\");\n\n script_name(english:\"Fedora 16 : quagga-0.99.20-2.fc16 (2011-13492)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVE-2011-332{3..7} update to latest upstream 0.99.20 fixes\nmemory leak\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738396\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=738400\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-October/068314.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c87b5d0a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"quagga-0.99.20-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:58:03", "description": "According to its self-reported version number, the installation of Quagga listening on the remote host is affected by multiple vulnerabilities :\n\n - A denial of service vulnerability in OSPF6D can be triggered by a specially crafted Link Status Update message with an invalid IPv6 prefix length.\n (CVE-2011-3323)\n\n - A denial of service vulnerability in OSPF6D can be triggered by a specially crafted IPv6 Database Description message with trailing zero values in the Link State Advertisement header list. (CVE-2011-3324)\n\n - A denial of service vulnerability in OSPFD can be triggered by a 0x0A type field in an IPv4 packet header or a truncated IPv4 Hello packet. (CVE-2011-3325)\n\n - A denial of service vulnerability in OSPFD can be triggered by a specially crafted IPv4 Link State Update message with an invalid Link State Advertisement type.\n (CVE-2011-3326)\n\n - A heap-based buffer overflow in BGPD can be triggered by a specially crafted UPDATE message over IPv4.\n (CVE-2011-3326)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.19 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2019-12-04T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_19.NASL", "href": "https://www.tenable.com/plugins/nessus/59790", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59790);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2011-3323\",\n \"CVE-2011-3324\",\n \"CVE-2011-3325\",\n \"CVE-2011-3326\",\n \"CVE-2011-3327\"\n );\n script_bugtraq_id(49784);\n script_xref(name:\"CERT\", value:\"668534\");\n\n script_name(english:\"Quagga < 0.99.19 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga listening on the remote host is affected by multiple\nvulnerabilities :\n\n - A denial of service vulnerability in OSPF6D can be\n triggered by a specially crafted Link Status Update\n message with an invalid IPv6 prefix length.\n (CVE-2011-3323)\n\n - A denial of service vulnerability in OSPF6D can be\n triggered by a specially crafted IPv6 Database\n Description message with trailing zero values in the\n Link State Advertisement header list. (CVE-2011-3324)\n\n - A denial of service vulnerability in OSPFD can be\n triggered by a 0x0A type field in an IPv4 packet header\n or a truncated IPv4 Hello packet. (CVE-2011-3325)\n\n - A denial of service vulnerability in OSPFD can be\n triggered by a specially crafted IPv4 Link State Update\n message with an invalid Link State Advertisement type.\n (CVE-2011-3326)\n\n - A heap-based buffer overflow in BGPD can be triggered by\n a specially crafted UPDATE message over IPv4.\n (CVE-2011-3326)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7143\");\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20111122030035/http://www.quagga.net/download/quagga-0.99.19.changelog.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.19 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3327\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.19\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_hole(port:port, extra:report);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:30", "description": "Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled Link State Update messages with invalid lengths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2011-3323)\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled certain IPv6 Database Description messages.\nA remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2011-3324)\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled certain IPv4 packets. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2011-3325)\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled invalid Link State Advertisement (LSA) types. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2011-3326)\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled certain BGP UPDATE messages. A remote attacker could use this flaw to cause Quagga to crash, or possibly execute arbitrary code. (CVE-2011-3327).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-11-16T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : quagga vulnerabilities (USN-1261-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10"], "id": "UBUNTU_USN-1261-1.NASL", "href": "https://www.tenable.com/plugins/nessus/56853", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1261-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56853);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_bugtraq_id(49784);\n script_xref(name:\"USN\", value:\"1261-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : quagga vulnerabilities (USN-1261-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that\nQuagga incorrectly handled Link State Update messages with invalid\nlengths. A remote attacker could use this flaw to cause Quagga to\ncrash, resulting in a denial of service. (CVE-2011-3323)\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that\nQuagga incorrectly handled certain IPv6 Database Description messages.\nA remote attacker could use this flaw to cause Quagga to crash,\nresulting in a denial of service. (CVE-2011-3324)\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that\nQuagga incorrectly handled certain IPv4 packets. A remote attacker\ncould use this flaw to cause Quagga to crash, resulting in a denial of\nservice. (CVE-2011-3325)\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that\nQuagga incorrectly handled invalid Link State Advertisement (LSA)\ntypes. A remote attacker could use this flaw to cause Quagga to crash,\nresulting in a denial of service. (CVE-2011-3326)\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered that\nQuagga incorrectly handled certain BGP UPDATE messages. A remote\nattacker could use this flaw to cause Quagga to crash, or possibly\nexecute arbitrary code. (CVE-2011-3327).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1261-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|10\\.10|11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 10.10 / 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"quagga\", pkgver:\"0.99.15-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"quagga\", pkgver:\"0.99.17-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"quagga\", pkgver:\"0.99.17-4ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"quagga\", pkgver:\"0.99.18-2ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:51", "description": "Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several vulnerabilities in Quagga, an Internet routing daemon :\n\n - CVE-2011-3323 A stack-based buffer overflow while decoding Link State Update packets with a malformed Inter Area Prefix LSA can cause the ospf6d process to crash or (potentially) execute arbitrary code.\n\n - CVE-2011-3324 The ospf6d process can crash while processing a Database Description packet with a crafted Link-State-Advertisement.\n\n - CVE-2011-3325 The ospfd process can crash while processing a crafted Hello packet.\n\n - CVE-2011-3326 The ospfd process crashes while processing Link-State-Advertisements of a type not known to Quagga.\n\n - CVE-2011-3327 A heap-based buffer overflow while processing BGP UPDATE messages containing an Extended Communities path attribute can cause the bgpd process to crash or (potentially) execute arbitrary code.\n\nThe OSPF-related vulnerabilities require that potential attackers send packets to a vulnerable Quagga router; the packets are not distributed over OSPF. In contrast, the BGP UPDATE messages could be propagated by some routers.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-06T00:00:00", "type": "nessus", "title": "Debian DSA-2316-1 : quagga - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2316.NASL", "href": "https://www.tenable.com/plugins/nessus/56394", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2316. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56394);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_bugtraq_id(49784);\n script_xref(name:\"DSA\", value:\"2316\");\n\n script_name(english:\"Debian DSA-2316-1 : quagga - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several\nvulnerabilities in Quagga, an Internet routing daemon :\n\n - CVE-2011-3323\n A stack-based buffer overflow while decoding Link State\n Update packets with a malformed Inter Area Prefix LSA\n can cause the ospf6d process to crash or (potentially)\n execute arbitrary code.\n\n - CVE-2011-3324\n The ospf6d process can crash while processing a Database\n Description packet with a crafted\n Link-State-Advertisement.\n\n - CVE-2011-3325\n The ospfd process can crash while processing a crafted\n Hello packet.\n\n - CVE-2011-3326\n The ospfd process crashes while processing\n Link-State-Advertisements of a type not known to Quagga.\n\n - CVE-2011-3327\n A heap-based buffer overflow while processing BGP UPDATE\n messages containing an Extended Communities path\n attribute can cause the bgpd process to crash or\n (potentially) execute arbitrary code.\n\nThe OSPF-related vulnerabilities require that potential attackers send\npackets to a vulnerable Quagga router; the packets are not distributed\nover OSPF. In contrast, the BGP UPDATE messages could be propagated by\nsome routers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2316\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga packages.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.99.10-1lenny6.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.17-2+squeeze3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"quagga\", reference:\"0.99.10-1lenny6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga\", reference:\"0.99.17-2+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-dbg\", reference:\"0.99.17-2+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-doc\", reference:\"0.99.17-2+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:53", "description": "This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description packet (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP (CVE-2011-3327)", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : quagga (openSUSE-SU-2011:1155-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:quagga", "p-cpe:/a:novell:opensuse:quagga-debuginfo", "p-cpe:/a:novell:opensuse:quagga-debugsource", "p-cpe:/a:novell:opensuse:quagga-devel", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_QUAGGA-111013.NASL", "href": "https://www.tenable.com/plugins/nessus/76007", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update quagga-5276.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76007);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n\n script_name(english:\"openSUSE Security Update : quagga (openSUSE-SU-2011:1155-1)\");\n script_summary(english:\"Check for the quagga-5276 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State\n Update with Inter Area Prefix Lsa (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description\n packet (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP (CVE-2011-3327)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-10/msg00021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"quagga-0.99.17-4.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"quagga-debuginfo-0.99.17-4.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"quagga-debugsource-0.99.17-4.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"quagga-devel-0.99.17-4.11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:53", "description": "This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description packet (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP (CVE-2011-3327)", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : quagga (openSUSE-SU-2011:1155-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:quagga", "p-cpe:/a:novell:opensuse:quagga-devel", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_QUAGGA-111013.NASL", "href": "https://www.tenable.com/plugins/nessus/75723", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update quagga-5276.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75723);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n\n script_name(english:\"openSUSE Security Update : quagga (openSUSE-SU-2011:1155-1)\");\n script_summary(english:\"Check for the quagga-5276 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State\n Update with Inter Area Prefix Lsa (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description\n packet (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP (CVE-2011-3327)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-10/msg00021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"quagga-0.99.17-1.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"quagga-devel-0.99.17-1.11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:39", "description": "This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa. (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description packet. (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet.\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update.\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP. (CVE-2011-3327)", "cvss3": {"score": null, "vector": null}, "published": "2011-10-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : quagga (ZYPP Patch Number 7767)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_QUAGGA-7767.NASL", "href": "https://www.tenable.com/plugins/nessus/56615", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56615);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n\n script_name(english:\"SuSE 10 Security Update : quagga (ZYPP Patch Number 7767)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 718056: OSPF6D buffer overflow while decoding Link State\n Update with Inter Area Prefix Lsa. (CVE-2011-3323)\n\n - 718058: OSPF6D DoS while decoding Database Description\n packet. (CVE-2011-3324)\n\n - 718059: OSPFD DoS while decoding Hello packet.\n (CVE-2011-3325)\n\n - 718061: OSPFD DoS while decoding Link State Update.\n (CVE-2011-3326)\n\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP. (CVE-2011-3327)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3323.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3324.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3325.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3326.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3327.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7767.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"quagga-0.99.9-14.11.9\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"quagga-devel-0.99.9-14.11.9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:58:19", "description": "This update of quagga fixes multiple security flaws that could have caused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination with logrotate were fixed.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-07T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : quagga (ZYPP Patch Number 8108)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_QUAGGA-8108.NASL", "href": "https://www.tenable.com/plugins/nessus/59393", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59393);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"SuSE 10 Security Update : quagga (ZYPP Patch Number 8108)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of quagga fixes multiple security flaws that could have\ncaused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination\nwith logrotate were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0249.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0250.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0255.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1820.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8108.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"quagga-0.99.9-14.15.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"quagga-devel-0.99.9-14.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:56:00", "description": "This update of quagga fixes multiple security flaws that could have caused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination with logrotate were fixed.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : quagga (SAT Patch Number 6241)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:quagga", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_QUAGGA-120430.NASL", "href": "https://www.tenable.com/plugins/nessus/64222", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64222);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"SuSE 11.1 Security Update : quagga (SAT Patch Number 6241)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of quagga fixes multiple security flaws that could have\ncaused a Denial of Service via specially crafted packets.\n(CVE-2012-1820 / CVE-2012-0249 / CVE-2012-0250 / CVE-2012-0255)\n\nAdditionally, issues with service owned directories in combination\nwith logrotate were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0249.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0250.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0255.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1820.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6241.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"quagga-0.99.15-0.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:47:14", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. (CVE-2012-0248)\n\n - Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.\n (CVE-2012-0249)\n\n - Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. (CVE-2012-0250)\n\n - The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). (CVE-2012-0255)\n\n - The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message. (CVE-2012-1820)", "cvss3": {"score": null, "vector": null}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : quagga (cve_2012_1820_denial_of)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0248", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:quagga"], "id": "SOLARIS11_QUAGGA_20120821.NASL", "href": "https://www.tenable.com/plugins/nessus/80752", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80752);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0248\", \"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : quagga (cve_2012_1820_denial_of)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - ImageMagick 6.7.5-7 and earlier allows remote attackers\n to cause a denial of service (infinite loop and hang)\n via a crafted image whose IFD contains IOP tags that all\n reference the beginning of the IDF. (CVE-2012-0248)\n\n - Buffer overflow in the ospf_ls_upd_list_lsa function in\n ospf_packet.c in the OSPFv2 implementation in ospfd in\n Quagga before 0.99.20.1 allows remote attackers to cause\n a denial of service (assertion failure and daemon exit)\n via a Link State Update (aka LS Update) packet that is\n smaller than the length specified in its header.\n (CVE-2012-0249)\n\n - Buffer overflow in the OSPFv2 implementation in ospfd in\n Quagga before 0.99.20.1 allows remote attackers to cause\n a denial of service (daemon crash) via a Link State\n Update (aka LS Update) packet containing a network-LSA\n link-state advertisement for which the data-structure\n length is smaller than the value in the Length header\n field. (CVE-2012-0250)\n\n - The BGP implementation in bgpd in Quagga before\n 0.99.20.1 does not properly use message buffers for OPEN\n messages, which allows remote attackers to cause a\n denial of service (assertion failure and daemon exit)\n via a message associated with a malformed Four-octet AS\n Number Capability (aka AS4 capability). (CVE-2012-0255)\n\n - The bgp_capability_orf function in bgpd in Quagga\n 0.99.20.1 and earlier allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) by\n leveraging a BGP peering relationship and sending a\n malformed Outbound Route Filtering (ORF) capability TLV\n in an OPEN message. (CVE-2012-1820)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2012-1820-denial-of-service-dos-vulnerability-in-quagga\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-quagga\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93e9a1eb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 10.5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:quagga\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^quagga$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.10.0.5.0\", sru:\"SRU 10.5a\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : quagga\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"quagga\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:52:27", "description": "The remote host is affected by the vulnerability described in GLSA-201310-08 (Quagga: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker may be able to cause arbitrary code execution or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2013-10-11T00:00:00", "type": "nessus", "title": "GLSA-201310-08 : Quagga: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:quagga", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201310-08.NASL", "href": "https://www.tenable.com/plugins/nessus/70381", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201310-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70381);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\", \"CVE-2012-1820\", \"CVE-2013-2236\");\n script_bugtraq_id(52531, 53775, 60955);\n script_xref(name:\"GLSA\", value:\"201310-08\");\n\n script_name(english:\"GLSA-201310-08 : Quagga: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201310-08\n(Quagga: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Quagga. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to cause arbitrary code execution or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201310-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Quagga users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/quagga-0.99.22.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/quagga\", unaffected:make_list(\"ge 0.99.22.4\"), vulnerable:make_list(\"lt 0.99.22.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:31", "description": "It was discovered that Quagga incorrectly handled Link State Update messages with invalid lengths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0249, CVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a malformed Four-octet AS Number Capability. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0255).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-05-16T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerabilities (USN-1441-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1441-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1441-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59107);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"USN\", value:\"1441-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerabilities (USN-1441-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga incorrectly handled Link State Update\nmessages with invalid lengths. A remote attacker could use this flaw\nto cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0249, CVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a\nmalformed Four-octet AS Number Capability. A remote attacker could use\nthis flaw to cause Quagga to crash, resulting in a denial of service.\n(CVE-2012-0255).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1441-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.10.04.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.04.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.10.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.12.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:31", "description": "Several vulnerabilities have been discovered in Quagga, a routing daemon.\n\n - CVE-2012-0249 A buffer overflow in the ospf_ls_upd_list_lsa function in the OSPFv2 implementation allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.\n\n - CVE-2012-0250 A buffer overflow in the OSPFv2 implementation allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.\n\n - CVE-2012-0255 The BGP implementation does not properly use message buffers for OPEN messages, which allows remote attackers impersonating a configured BGP peer to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent upstream release. This release includes other corrections, such as hardening against unknown BGP path attributes.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-27T00:00:00", "type": "nessus", "title": "Debian DSA-2459-2 : quagga - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2459.NASL", "href": "https://www.tenable.com/plugins/nessus/58883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2459. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58883);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"DSA\", value:\"2459\");\n\n script_name(english:\"Debian DSA-2459-2 : quagga - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n - CVE-2012-0249\n A buffer overflow in the ospf_ls_upd_list_lsa function\n in the OSPFv2 implementation allows remote attackers to\n cause a denial of service (assertion failure and daemon\n exit) via a Link State Update (aka LS Update) packet\n that is smaller than the length specified in its header.\n\n - CVE-2012-0250\n A buffer overflow in the OSPFv2 implementation allows\n remote attackers to cause a denial of service (daemon\n crash) via a Link State Update (aka LS Update) packet\n containing a network-LSA link-state advertisement for\n which the data-structure length is smaller than the\n value in the Length header field.\n\n - CVE-2012-0255\n The BGP implementation does not properly use message\n buffers for OPEN messages, which allows remote attackers\n impersonating a configured BGP peer to cause a denial of\n service (assertion failure and daemon exit) via a\n message associated with a malformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2459\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"quagga\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-dbg\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-doc\", reference:\"0.99.20.1-0+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "According to its self-reported version number, the installation of Quagga listening on the remote host is affected by multiple vulnerabilities :\n\n - A buffer overflow vulnerability exists in OSPFD can be triggered by a specially crafted Link Status Update message that is smaller than the length specified in its header, leading to denial of service.\n (CVE-2012-0249)\n\n - A buffer overflow vulnerability in exists OSPFD can be triggered by a specially crafted Link Status Update message containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field, leading to denial of service. (CVE-2012-0250)\n\n - A denial of service vulnerability exists in BGPD that can be triggered by a specially crafted OPEN message with a malformed four-octet AS Number Capability.\n (CVE-2012-0250)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.20.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_20_1.NASL", "href": "https://www.tenable.com/plugins/nessus/59791", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59791);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/25 18:58:04\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"CERT\", value:\"551715\");\n\n script_name(english:\"Quagga < 0.99.20.1 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga listening on the remote host is affected by multiple\nvulnerabilities :\n\n - A buffer overflow vulnerability exists in OSPFD can be\n triggered by a specially crafted Link Status Update\n message that is smaller than the length specified in \n its header, leading to denial of service.\n (CVE-2012-0249)\n\n - A buffer overflow vulnerability in exists OSPFD can be\n triggered by a specially crafted Link Status Update\n message containing a network-LSA link-state\n advertisement for which the data-structure length is\n smaller than the value in the Length header field,\n leading to denial of service. (CVE-2012-0250)\n\n - A denial of service vulnerability exists in BGPD that \n can be triggered by a specially crafted OPEN message \n with a malformed four-octet AS Number Capability.\n (CVE-2012-0250)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.20.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.quagga.net/show_bug.cgi?id=705\");\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7151\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.quagga.net/download/quagga-0.99.20.1.changelog.txt\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.20.1\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:32", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-20T00:00:00", "type": "nessus", "title": "Fedora 17 : quagga-0.99.20.1-1.fc17 (2012-5352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-5352.NASL", "href": "https://www.tenable.com/plugins/nessus/58805", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5352.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58805);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_xref(name:\"FEDORA\", value:\"2012-5352\");\n\n script_name(english:\"Fedora 17 : quagga-0.99.20.1-1.fc17 (2012-5352)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54991e49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"quagga-0.99.20.1-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:43", "description": "CERT reports :\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon aborts due to an assert) with a malformed OSPF LS-Update message.\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon crash) with a malformed OSPF Network- LSA message.\n\nThe bgpd implementation of BGP in Quagga allows remote attackers to cause a denial of service (daemon aborts due to an assert) via BGP Open message with an invalid AS4 capability.", "cvss3": {"score": null, "vector": null}, "published": "2012-03-26T00:00:00", "type": "nessus", "title": "FreeBSD : quagga -- multiple vulnerabilities (42a2c82a-75b9-11e1-89b4-001ec9578670)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:quagga", "p-cpe:/a:freebsd:freebsd:quagga-re", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_42A2C82A75B911E189B4001EC9578670.NASL", "href": "https://www.tenable.com/plugins/nessus/58471", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58471);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_xref(name:\"CERT\", value:\"551715\");\n\n script_name(english:\"FreeBSD : quagga -- multiple vulnerabilities (42a2c82a-75b9-11e1-89b4-001ec9578670)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CERT reports :\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker\n(on a local network segment with OSPF enabled) to cause a denial of\nservice (daemon aborts due to an assert) with a malformed OSPF\nLS-Update message.\n\nThe ospfd implementation of OSPF in Quagga allows a remote attacker\n(on a local network segment with OSPF enabled) to cause a denial of\nservice (daemon crash) with a malformed OSPF Network- LSA message.\n\nThe bgpd implementation of BGP in Quagga allows remote attackers to\ncause a denial of service (daemon aborts due to an assert) via BGP\nOpen message with an invalid AS4 capability.\"\n );\n # https://vuxml.freebsd.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?14ac3939\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga-re\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"quagga<0.99.20.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"quagga-re<0.99.17.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:33", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-23T00:00:00", "type": "nessus", "title": "Fedora 15 : quagga-0.99.20.1-1.fc15 (2012-5436)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-5436.NASL", "href": "https://www.tenable.com/plugins/nessus/58822", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5436.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58822);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"FEDORA\", value:\"2012-5436\");\n\n script_name(english:\"Fedora 15 : quagga-0.99.20.1-1.fc15 (2012-5436)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3476b3b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"quagga-0.99.20.1-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:33", "description": "fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-04-23T00:00:00", "type": "nessus", "title": "Fedora 16 : quagga-0.99.20.1-1.fc16 (2012-5411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-5411.NASL", "href": "https://www.tenable.com/plugins/nessus/58819", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5411.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58819);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0249\", \"CVE-2012-0250\", \"CVE-2012-0255\");\n script_bugtraq_id(52531);\n script_xref(name:\"FEDORA\", value:\"2012-5411\");\n\n script_name(english:\"Fedora 16 : quagga-0.99.20.1-1.fc16 (2012-5411)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes CVEs, updates to latest upstream quagga-0.99.20.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802829\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f5ca7ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"quagga-0.99.20.1-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:55", "description": "The remote host is affected by the vulnerability described in GLSA-201202-02 (Quagga: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A BGP peer could send a Route-Refresh message with specially crafted ORF record, which can cause Quagga's bgpd to crash or possibly execute arbitrary code with the privileges of the user running Quagga's bgpd; a BGP update AS path request with unknown AS type, or malformed AS-Pathlimit or Extended-Community attributes could lead to Denial of Service (daemon crash), an error in bgpd when handling AS_PATH attributes within UPDATE messages can be exploited to cause a heap-based buffer overflow resulting in a crash of the daemon and disruption of IPv4 routing, two errors in ospf6d and ospfd can each be exploited to crash the daemon and disrupt IP routing.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2012-02-22T00:00:00", "type": "nessus", "title": "GLSA-201202-02 : Quagga: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1674", "CVE-2010-1675", "CVE-2010-2948", "CVE-2010-2949", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:quagga", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201202-02.NASL", "href": "https://www.tenable.com/plugins/nessus/58081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201202-02.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58081);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1674\", \"CVE-2010-1675\", \"CVE-2010-2948\", \"CVE-2010-2949\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\", \"CVE-2011-3327\");\n script_xref(name:\"GLSA\", value:\"201202-02\");\n\n script_name(english:\"GLSA-201202-02 : Quagga: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201202-02\n(Quagga: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Quagga. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A BGP peer could send a Route-Refresh message with specially crafted ORF\n record, which can cause Quagga's bgpd to crash or possibly execute\n arbitrary code with the privileges of the user running Quagga's bgpd; a\n BGP update AS path request with unknown AS type, or malformed\n AS-Pathlimit or Extended-Community attributes could lead to Denial of\n Service (daemon crash), an error in bgpd when handling AS_PATH attributes\n within UPDATE messages can\n be exploited to cause a heap-based buffer overflow resulting in a crash\n of the\n daemon and disruption of IPv4 routing, two errors in ospf6d and ospfd can\n each be exploited to crash the daemon and disrupt IP routing.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201202-02\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Quagga users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/quagga-0.99.20'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/quagga\", unaffected:make_list(\"ge 0.99.20 \"), vulnerable:make_list(\"lt 0.99.20 \"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Quagga\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:06", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled. (CVE-2007-4826)\n\n - The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. (CVE-2009-1572)\n\n - The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute.\n (CVE-2010-1674)\n\n - bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute. (CVE-2010-1675)\n\n - Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message. (CVE-2010-2948)\n\n - bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message. (CVE-2010-2949)\n\n - The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length. (CVE-2011-3323)\n\n - The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message. (CVE-2011-3324)\n\n - ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.\n (CVE-2011-3325)\n\n - The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message. (CVE-2011-3326)", "cvss3": {"score": null, "vector": null}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : quagga (multiple_denial_of_service_vulnerabilities4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4826", "CVE-2009-1572", "CVE-2010-1674", "CVE-2010-1675", "CVE-2010-2948", "CVE-2010-2949", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:quagga"], "id": "SOLARIS11_QUAGGA_20120404.NASL", "href": "https://www.tenable.com/plugins/nessus/80751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80751);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4826\", \"CVE-2009-1572\", \"CVE-2010-1674\", \"CVE-2010-1675\", \"CVE-2010-2948\", \"CVE-2010-2949\", \"CVE-2011-3323\", \"CVE-2011-3324\", \"CVE-2011-3325\", \"CVE-2011-3326\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : quagga (multiple_denial_of_service_vulnerabilities4)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - bgpd in Quagga before 0.99.9 allows explicitly\n configured BGP peers to cause a denial of service\n (crash) via a malformed (1) OPEN message or (2) a\n COMMUNITY attribute, which triggers a NULL pointer\n dereference. NOTE: vector 2 only exists when debugging\n is enabled. (CVE-2007-4826)\n\n - The BGP daemon (bgpd) in Quagga 0.99.11 and earlier\n allows remote attackers to cause a denial of service\n (crash) via an AS path containing ASN elements whose\n string representation is longer than expected, which\n triggers an assert error. (CVE-2009-1572)\n\n - The extended-community parser in bgpd in Quagga before\n 0.99.18 allows remote attackers to cause a denial of\n service (NULL pointer dereference and application crash)\n via a malformed Extended Communities attribute.\n (CVE-2010-1674)\n\n - bgpd in Quagga before 0.99.18 allows remote attackers to\n cause a denial of service (session reset) via a\n malformed AS_PATHLIMIT path attribute. (CVE-2010-1675)\n\n - Stack-based buffer overflow in the\n bgp_route_refresh_receive function in bgp_packet.c in\n bgpd in Quagga before 0.99.17 allows remote\n authenticated users to cause a denial of service (daemon\n crash) or possibly execute arbitrary code via a\n malformed Outbound Route Filtering (ORF) record in a BGP\n ROUTE-REFRESH (RR) message. (CVE-2010-2948)\n\n - bgpd in Quagga before 0.99.17 does not properly parse AS\n paths, which allows remote attackers to cause a denial\n of service (NULL pointer dereference and daemon crash)\n via an unknown AS type in an AS path attribute in a BGP\n UPDATE message. (CVE-2010-2949)\n\n - The OSPFv3 implementation in ospf6d in Quagga before\n 0.99.19 allows remote attackers to cause a denial of\n service (out-of-bounds memory access and daemon crash)\n via a Link State Update message with an invalid IPv6\n prefix length. (CVE-2011-3323)\n\n - The ospf6_lsa_is_changed function in ospf6_lsa.c in the\n OSPFv3 implementation in ospf6d in Quagga before 0.99.19\n allows remote attackers to cause a denial of service\n (assertion failure and daemon exit) via trailing zero\n values in the Link State Advertisement (LSA) header list\n of an IPv6 Database Description message. (CVE-2011-3324)\n\n - ospf_packet.c in ospfd in Quagga before 0.99.19 allows\n remote attackers to cause a denial of service (daemon\n crash) via (1) a 0x0a type field in an IPv4 packet\n header or (2) a truncated IPv4 Hello packet.\n (CVE-2011-3325)\n\n - The ospf_flood function in ospf_flood.c in ospfd in\n Quagga before 0.99.19 allows remote attackers to cause a\n denial of service (daemon crash) via an invalid Link\n State Advertisement (LSA) type in an IPv4 Link State\n Update message. (CVE-2011-3326)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-denial-of-service-vulnerabilities-in-quagga\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7464013e\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-denial-of-service-vulnerabilities-in-quagga\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7464013e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 4.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:quagga\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^quagga$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.4.0.5.0\", sru:\"SRU 4\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : quagga\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"quagga\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:56:55", "description": "It was discovered that Quagga incorrectly handled certain malformed messages. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-10-12T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerability (USN-1605-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:quagga", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1605-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62512", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1605-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62512);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"USN\", value:\"1605-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : quagga vulnerability (USN-1605-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga incorrectly handled certain malformed\nmessages. A remote attacker could use this flaw to cause Quagga to\ncrash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1605-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.10.04.3\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.04.3\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.11.10.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"quagga\", pkgver:\"0.99.20.1-0ubuntu0.12.04.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:55:14", "description": "Updated quagga package fixes security vulnerability :\n\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message (CVE-2012-1820).", "cvss3": {"score": null, "vector": null}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : quagga (MDVSA-2013:122)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64quagga-devel", "p-cpe:/a:mandriva:linux:lib64quagga0", "p-cpe:/a:mandriva:linux:quagga", "p-cpe:/a:mandriva:linux:quagga-contrib", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-122.NASL", "href": "https://www.tenable.com/plugins/nessus/66134", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:122. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66134);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"MDVSA\", value:\"2013:122\");\n script_xref(name:\"MGASA\", value:\"2012-0133\");\n\n script_name(english:\"Mandriva Linux Security Advisory : quagga (MDVSA-2013:122)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated quagga package fixes security vulnerability :\n\nThe bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message (CVE-2012-1820).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64quagga0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64quagga-devel-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64quagga0-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"quagga-0.99.20.1-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"quagga-contrib-0.99.20.1-4.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-16T14:50:31", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : quagga (ALAS-2012-90)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:quagga", "p-cpe:/a:amazon:linux:quagga-contrib", "p-cpe:/a:amazon:linux:quagga-debuginfo", "p-cpe:/a:amazon:linux:quagga-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-90.NASL", "href": "https://www.tenable.com/plugins/nessus/69697", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-90.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69697);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"ALAS\", value:\"2012-90\");\n\n script_name(english:\"Amazon Linux AMI : quagga (ALAS-2012-90)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and\nearlier allows remote attackers to cause a denial of service\n(assertion failure and daemon exit) by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering (ORF)\ncapability TLV in an OPEN message.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-90.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update quagga' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"quagga-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-contrib-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-debuginfo-0.99.20.1-1.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-devel-0.99.20.1-1.5.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:02", "description": "Update to the 0.99.21 which fixes various issues. In addition, this update fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 17 : quagga-0.99.21-2.fc17 (2012-9103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-9103.NASL", "href": "https://www.tenable.com/plugins/nessus/59577", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9103.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59577);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9103\");\n\n script_name(english:\"Fedora 17 : quagga-0.99.21-2.fc17 (2012-9103)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the 0.99.21 which fixes various issues. In addition, this\nupdate fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN\nmessage with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082500.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ceaed9ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"quagga-0.99.21-2.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:21", "description": "CERT reports :\n\nIf a pre-configured BGP peer sends a specially crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer.\nThe process will detect a buffer overrun attempt before it happens and immediately terminate with an error message. All BGP sessions established by the attacked router will be closed and its BGP routing disrupted.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-06T00:00:00", "type": "nessus", "title": "FreeBSD : quagga -- BGP OPEN denial of service vulnerability (1e14d46f-af1f-11e1-b242-00215af774f0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:quagga", "p-cpe:/a:freebsd:freebsd:quagga-re", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_1E14D46FAF1F11E1B24200215AF774F0.NASL", "href": "https://www.tenable.com/plugins/nessus/59380", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59380);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"CERT\", value:\"962587\");\n\n script_name(english:\"FreeBSD : quagga -- BGP OPEN denial of service vulnerability (1e14d46f-af1f-11e1-b242-00215af774f0)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CERT reports :\n\nIf a pre-configured BGP peer sends a specially crafted OPEN message\nwith a malformed ORF capability TLV, Quagga bgpd process will\nerroneously try to consume extra bytes from the input packet buffer.\nThe process will detect a buffer overrun attempt before it happens and\nimmediately terminate with an error message. All BGP sessions\nestablished by the attacked router will be closed and its BGP routing\ndisrupted.\"\n );\n # https://vuxml.freebsd.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7a7130fa\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:quagga-re\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"quagga<=0.99.20.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"quagga-re<0.99.17.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:13", "description": "This update fixes CVE-2012-1820.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 15 : quagga-0.99.20.1-2.fc15 (2012-9117)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-9117.NASL", "href": "https://www.tenable.com/plugins/nessus/59579", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9117.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59579);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9117\");\n\n script_name(english:\"Fedora 15 : quagga-0.99.20.1-2.fc15 (2012-9117)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2012-1820.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082484.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94b7e00f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"quagga-0.99.20.1-2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:05", "description": "According to its self-reported version number, the installation of Quagga's BGP daemon listening on the remote host is affected by a denial of service vulnerability. Unauthenticated attackers on the local network can trigger this issue by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering capability TLV in an OPEN message.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.21 BGP Denial of Service Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_21.NASL", "href": "https://www.tenable.com/plugins/nessus/59792", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59792);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/25 18:58:04\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"CERT\", value:\"962587\");\n\n script_name(english:\"Quagga < 0.99.21 BGP Denial of Service Vulnerability\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga's BGP daemon listening on the remote host is affected by a\ndenial of service vulnerability. Unauthenticated attackers on the\nlocal network can trigger this issue by leveraging a BGP peering\nrelationship and sending a malformed Outbound Route Filtering\ncapability TLV in an OPEN message.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.21 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7214\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.quagga.net/download/quagga-0.99.21.changelog.txt\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.21\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_note(port:port, extra:report);\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "Update to the 0.99.21 which fixes various issues. In addition, this update fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 16 : quagga-0.99.21-2.fc16 (2012-9116)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:quagga", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-9116.NASL", "href": "https://www.tenable.com/plugins/nessus/59578", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9116.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59578);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_xref(name:\"FEDORA\", value:\"2012-9116\");\n\n script_name(english:\"Fedora 16 : quagga-0.99.21-2.fc16 (2012-9116)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the 0.99.21 which fixes various issues. In addition, this\nupdate fixes following CVE :\n\nCVE-2012-1820: quagga (bgpd): Assertion failure by processing BGP OPEN\nmessage with malformed ORF capability TLV\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=817580\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082463.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9edba5e9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quagga package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"quagga-0.99.21-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "It was discovered that Quagga, a routing daemon, contains a vulnerability in processing the ORF capability in BGP OPEN messages. A malformed OPEN message from a previously configured BGP peer could cause bgpd to crash, causing a denial of service.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Debian DSA-2497-1 : quagga - denial of service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1820"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:quagga", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2497.NASL", "href": "https://www.tenable.com/plugins/nessus/59775", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2497. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59775);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1820\");\n script_bugtraq_id(53775);\n script_xref(name:\"DSA\", value:\"2497\");\n\n script_name(english:\"Debian DSA-2497-1 : quagga - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages. A\nmalformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/quagga\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2497\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the quagga packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"quagga\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-dbg\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"quagga-doc\", reference:\"0.99.20.1-0+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-16T02:06:47", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : quagga (ALAS-2012-70)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0250"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:quagga", "p-cpe:/a:amazon:linux:quagga-contrib", "p-cpe:/a:amazon:linux:quagga-debuginfo", "p-cpe:/a:amazon:linux:quagga-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-70.NASL", "href": "https://www.tenable.com/plugins/nessus/69677", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-70.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69677);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0250\");\n script_xref(name:\"ALAS\", value:\"2012-70\");\n\n script_name(english:\"Amazon Linux AMI : quagga (ALAS-2012-70)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure\nlength is smaller than the value in the Length header field.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-70.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update quagga' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:quagga-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"quagga-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-contrib-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-debuginfo-0.99.20.1-1.4.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"quagga-devel-0.99.20.1-1.4.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quagga / quagga-contrib / quagga-debuginfo / quagga-devel\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-27T14:45:41", "description": "According to its self-reported version number, the installation of Quagga's BGPD listening on the remote host is affected by multiple vulnerabilities :\n\n - A stack-based buffer overflow vulnerability can be triggered by a specially crafted BGP ROUTE-REFRESH message with a malformed Outbound Route Filtering record sent by a pre-configured peer. (CVE-2010-2948)\n\n - A denial of service vulnerability in BGPD can be triggered by a specially crafted UPDATE message with an unknown AS type in an AS path attribute.\n (CVE-2012-0250)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Quagga < 0.99.17 BGPD Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2948", "CVE-2010-2949", "CVE-2012-0250"], "modified": "2019-12-04T00:00:00", "cpe": ["cpe:/a:quagga:quagga"], "id": "QUAGGA_0_99_17.NASL", "href": "https://www.tenable.com/plugins/nessus/59788", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59788);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2010-2948\", \"CVE-2010-2949\");\n script_bugtraq_id(42635, 42642);\n\n script_name(english:\"Quagga < 0.99.17 BGPD Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Quagga\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the installation of\nQuagga's BGPD listening on the remote host is affected by multiple\nvulnerabilities :\n\n - A stack-based buffer overflow vulnerability can be\n triggered by a specially crafted BGP ROUTE-REFRESH\n message with a malformed Outbound Route Filtering record\n sent by a pre-configured peer. (CVE-2010-2948)\n\n - A denial of service vulnerability in BGPD can be\n triggered by a specially crafted UPDATE message with an\n unknown AS type in an AS path attribute.\n (CVE-2012-0250)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://savannah.nongnu.org/forum/forum.php?forum_id=7140\");\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20110928221629/http://www.quagga.net/download/quagga-0.99.17.changelog.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 0.99.17 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-2948\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:quagga:quagga\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"quagga_zebra_detect.nasl\");\n script_require_keys(\"Quagga/Installed\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"Quagga Zebra\";\nkb = \"Quagga/\";\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_kb_item_or_exit(kb + \"Installed\");\n\nkb += port + \"/\";\nbanner = get_kb_item_or_exit(kb + \"Banner\");\nver = get_kb_item_or_exit(kb + \"Version\");\n\nif (ver !~ \"^\\d+(\\.\\d+)*$\")\n audit(AUDIT_NONNUMERIC_VER, app, port, ver);\n\nfix = \"0.99.17\";\nif (ver_compare(ver:ver, fix:fix, strict:TRUE) >= 0)\n audit(AUDIT_LISTEN_NOT_VULN, app, port, ver);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2022-02-27T11:55:22", "description": "**CentOS Errata and Security Advisory** CESA-2012:1259\n\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nTwo flaws were found in the way the bgpd daemon processed certain BGP OPEN\nmessages. A configured BGP peer could cause bgpd on a target system to\nabort via a specially-crafted BGP OPEN message. (CVE-2012-0255,\nCVE-2012-1820)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and\nCVE-2012-1820. CERT-FI acknowledges Riku Hietam\u00e4ki, Tuomo Untinen and Jukka\nTaimisto of the Codenomicon CROSS project as the original reporters of\nCVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and\nCVE-2011-3326. The CERT/CC acknowledges Martin Winter at\nOpenSourceRouting.org as the original reporter of CVE-2012-0249,\nCVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original\nreporter of CVE-2012-1820.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-September/055787.html\n\n**Affected packages:**\nquagga\nquagga-contrib\nquagga-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1259", "cvss3": {}, "published": "2012-09-12T23:23:05", "type": "centos", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820"], "modified": "2012-09-12T23:23:05", "id": "CESA-2012:1259", "href": "https://lists.centos.org/pipermail/centos-announce/2012-September/055787.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T11:55:22", "description": "**CentOS Errata and Security Advisory** CESA-2012:1258\n\n\nQuagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A configured\nBGP peer could crash bgpd on a target system via a specially-crafted BGP\nmessage. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\nproject as the original reporters of CVE-2011-3327, CVE-2011-3323,\nCVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\nMartin Winter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-September/055785.html\n\n**Affected packages:**\nquagga\nquagga-contrib\nquagga-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1258", "cvss3": {}, "published": "2012-09-12T21:45:33", "type": "centos", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2012-09-12T21:45:33", "id": "CESA-2012:1258", "href": "https://lists.centos.org/pipermail/centos-announce/2012-September/055785.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-22T03:48:42", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: quagga-0.99.20.1-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-22T03:48:42", "id": "FEDORA:339B620DE9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HXFGW4KRPATLU26PXXSVAGM63RLYZ57I/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T15:02:10", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: quagga-0.99.20.1-2.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2012-1820"], "modified": "2012-06-19T15:02:10", "id": "FEDORA:CF10E20C82", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4MC4MKME2QCNBNC7MICTNKJJYDTJHOOI/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2011-10-18T22:20:24", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: quagga-0.99.20-2.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2011-10-18T22:20:24", "id": "FEDORA:729B120E3B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VWYF7B2K4W5D67HM73ECCAIHPFAP2XST/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2011-10-19T04:40:08", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: quagga-0.99.20-2.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2011-10-19T04:40:08", "id": "FEDORA:910AD21001", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NJWP5P7C5BZCTITPSZEELKKSRWTUO4RC/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2011-10-18T22:16:10", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: quagga-0.99.20-2.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1674", "CVE-2010-1675", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2011-10-18T22:16:10", "id": "FEDORA:174EB214C3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4DR3RBRQYGOHKXLQYBLPJOFRMRO4QR2U/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-20T03:07:24", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: quagga-0.99.20.1-1.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-20T03:07:24", "id": "FEDORA:520CC20C2F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XCM4W7KJMKLEEFZXGPD3I4TQOUDRPRW2/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-04-22T03:43:44", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: quagga-0.99.20.1-1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-22T03:43:44", "id": "FEDORA:2C9CC214AD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WYTH7OITP6TDAWBVWEF526S5HJIY5PXM/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is free software that operates TCP/IP-based routing protocols. It ta kes a multi-server and multi-threaded approach to resolving the current complex ity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T14:55:47", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: quagga-0.99.21-2.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-19T14:55:47", "id": "FEDORA:DF7CB20842", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QPKVHLYKPWKPX5KUUQHVRL5F35WSSKCU/", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Quagga is free software that operates TCP/IP-based routing protocols. It ta kes a multi-server and multi-threaded approach to resolving the current complex ity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. ", "cvss3": {}, "published": "2012-06-19T15:07:44", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: quagga-0.99.21-2.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-19T15:07:44", "id": "FEDORA:B7DAD209CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/66J7PDKMF4UY477NIZWZW5Y6NOLKGZN6/", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:42:43", "description": "Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol. The Quagga\nospfd and ospf6d daemons implement the OSPF (Open Shortest Path First)\nrouting protocol.\n\nA heap-based buffer overflow flaw was found in the way the bgpd daemon\nprocessed malformed Extended Communities path attributes. An attacker could\nsend a specially-crafted BGP message, causing bgpd on a target system to\ncrash or, possibly, execute arbitrary code with the privileges of the user\nrunning bgpd. The UPDATE message would have to arrive from an explicitly\nconfigured BGP peer, but could have originated elsewhere in the BGP\nnetwork. (CVE-2011-3327)\n\nA NULL pointer dereference flaw was found in the way the bgpd daemon\nprocessed malformed route Extended Communities attributes. A configured\nBGP peer could crash bgpd on a target system via a specially-crafted BGP\nmessage. (CVE-2010-1674)\n\nA stack-based buffer overflow flaw was found in the way the ospf6d daemon\nprocessed malformed Link State Update packets. An OSPF router could use\nthis flaw to crash ospf6d on an adjacent router. (CVE-2011-3323)\n\nA flaw was found in the way the ospf6d daemon processed malformed link\nstate advertisements. An OSPF neighbor could use this flaw to crash\nospf6d on a target system. (CVE-2011-3324)\n\nA flaw was found in the way the ospfd daemon processed malformed Hello\npackets. An OSPF neighbor could use this flaw to crash ospfd on a\ntarget system. (CVE-2011-3325)\n\nA flaw was found in the way the ospfd daemon processed malformed link state\nadvertisements. An OSPF router in the autonomous system could use this flaw\nto crash ospfd on a target system. (CVE-2011-3326)\n\nAn assertion failure was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncause ospfd on an adjacent router to abort. (CVE-2012-0249)\n\nA buffer overflow flaw was found in the way the ospfd daemon processed\ncertain Link State Update packets. An OSPF router could use this flaw to\ncrash ospfd on an adjacent router. (CVE-2012-0250)\n\nRed Hat would like to thank CERT-FI for reporting CVE-2011-3327,\nCVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the\nCERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS\nproject as the original reporters of CVE-2011-3327, CVE-2011-3323,\nCVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges\nMartin Winter at OpenSourceRouting.org as the original reporter of\nCVE-2012-0249 and CVE-2012-0250.\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd, ospfd, and ospf6d daemons will be restarted\nautomatically.\n", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "redhat", "title": "(RHSA-2012:1258) Moderate: quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1674", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250"], "modified": "2017-09-08T07:54:37", "id": "RHSA-2012:1258", "href": "https://access.redhat.com/errata/RHSA-2012:1258", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T13:09:42", "description": "Riku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga \nincorrectly handled Link State Update messages with invalid lengths. A \nremote attacker could use this flaw to cause Quagga to crash, resulting in \na denial of service. (CVE-2011-3323)\n\nRiku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga \nincorrectly handled certain IPv6 Database Description messages. A remote \nattacker could use this flaw to cause Quagga to crash, resulting in a \ndenial of service. (CVE-2011-3324)\n\nRiku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga \nincorrectly handled certain IPv4 packets. A remote attacker could use this \nflaw to cause Quagga to crash, resulting in a denial of service. \n(CVE-2011-3325)\n\nRiku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga \nincorrectly handled invalid Link State Advertisement (LSA) types. A remote \nattacker could use this flaw to cause Quagga to crash, resulting in a \ndenial of service. (CVE-2011-3326)\n\nRiku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga \nincorrectly handled certain BGP UPDATE messages. A remote attacker could \nuse this flaw to cause Quagga to crash, or possibly execute arbitrary \ncode. (CVE-2011-3327)\n", "cvss3": {}, "published": "2011-11-14T00:00:00", "type": "ubuntu", "title": "Quagga vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2011-3323"], "modified": "2011-11-14T00:00:00", "id": "USN-1261-1", "href": "https://ubuntu.com/security/notices/USN-1261-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-04T13:05:48", "description": "It was discovered that Quagga incorrectly handled Link State Update \nmessages with invalid lengths. A remote attacker could use this flaw to \ncause Quagga to crash, resulting in a denial of service. (CVE-2012-0249, \nCVE-2012-0250)\n\nIt was discovered that Quagga incorrectly handled messages with a malformed \nFour-octet AS Number Capability. A remote attacker could use this flaw to \ncause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)\n", "cvss3": {}, "published": "2012-05-15T00:00:00", "type": "ubuntu", "title": "Quagga vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250", "CVE-2012-0249", "CVE-2012-0255"], "modified": "2012-05-15T00:00:00", "id": "USN-1441-1", "href": "https://ubuntu.com/security/notices/USN-1441-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-04T13:02:23", "description": "It was discovered that Quagga incorrectly handled certain malformed \nmessages. A remote attacker could use this flaw to cause Quagga to crash, \nresulting in a denial of service.\n", "cvss3": {}, "published": "2012-10-11T00:00:00", "type": "ubuntu", "title": "Quagga vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-10-11T00:00:00", "id": "USN-1605-1", "href": "https://ubuntu.com/security/notices/USN-1605-1", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2021-09-28T17:50:52", "description": "### Overview\n\nQuagga contains five remote component vulnerabilities due to issues when handling BGP, OSPF, and OSPFv3 packets.\n\n### Description\n\nCERT-FI [reports](<https://www.cert.fi/en/reports/2011/vulnerability539178.html>):\n\n_Quagga is an open source routing software that can handle various routing protocols such as RIP, BGP and OSPF. Five vulnerabilities have been found in the BGP, OSPF and OSPFv3 components of Quagga. The vulnerabilities allow an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified packets to an affected server. Routing messages are typically accepted from the routing peers. Exploiting these vulnerabilities may require an established routing session (BGP peering or OSPF/OSPFv3 adjacency) to the router. \n \nThe vulnerability CVE-2011-3327 is related to the extended communities handling in BGP messages. Receiving a malformed BGP update can result in a buffer overflow and disruption of IPv4 routing. \n \nThe vulnerability CVE-2011-3326 results from the handling of LSA (Link State Advertisement) states in the OSPF service. Receiving a modified Link State Update message with malicious state information can result in denial of service in IPv4 routing. \n \nThe vulnerability CVE-2011-3325 is a denial of service vulnerability related to Hello message handling by the OSPF service. As Hello messages are used to initiate adjacencies, exploiting the vulnerability may be feasible from the same broadcast domain without an established adjacency. A malformed packet may result in denial of service in IPv4 routing. \n \nThe vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving modified Database Description and Link State Update messages, respectively, can result in denial of service in IPv6 routing._ \n \n--- \n \n### Impact\n\nAn attacker could exploit these vulnerabilities to cause a denial-of-service crash or may execute arbitrary code on the affected server with the permissions of the Quagga software. \n \n--- \n \n### Solution\n\nCERT-FI [recommends](<https://www.cert.fi/en/reports/2011/vulnerability539178.html>)[](<https://www.cert.fi/en/reports/2011/vulnerability539178.html>): \n \n_Install either the latest version of Quagga (_[_http://www.quagga.net/_](<http://www.quagga.net/>)_) or a fixed version of the software provided by your operating system or application vendor. \n \nThe vulnerabilities can be remediated by restricting network access to the routing daemon. Exploiting four of the vulnerabilities require established routing sessions or adjacencies._ \n \n--- \n \n### Vendor Information\n\nQuagga before version 0.99.19 \n \n--- \n \n668534\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Debian GNU/Linux __ Affected\n\nNotified: September 14, 2011 Updated: October 06, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nFor the oldstable distribution (lenny), these problems have been fixed\n\nin version 0.99.10-1lenny6. \n \nFor the stable distribution (squeeze), these problems have been fixed \nin version 0.99.17-2+squeeze3. \n \nFor the testing distribution (wheezy) and the unstable distribution \n(sid), these problems have been fixed in version 0.99.19-1. \n \nWe recommend that you upgrade your quagga packages. \n \nFurther information about Debian Security Advisories, how to apply \nthese updates to your system and frequently asked questions can be \nfound at: <http://www.debian.org/security/>\n\n### Red Hat, Inc. Affected\n\nNotified: September 14, 2011 Updated: September 26, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3323>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3324>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3325>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3326>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3327>\n\n### Openwall GNU/*/Linux Not Affected\n\nNotified: September 14, 2011 Updated: September 16, 2011 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Wind River Systems, Inc. Not Affected\n\nNotified: September 14, 2011 Updated: September 22, 2011 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Apple Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### DragonFly BSD Project Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### EMC Corporation Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### F5 Networks, Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### FreeBSD Project Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fujitsu Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Google Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hitachi Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Infoblox Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Juniper Networks, Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva S. A. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Microsoft Corporation Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NEC Corporation Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Nokia Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Oracle Corporation Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### QNX Software Systems Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SafeNet Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Silicon Graphics, Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sony Corporation Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: September 16, 2011 Updated: September 16, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Unisys Unknown\n\nNotified: September 14, 2011 Updated: September 14, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 42 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n<https://www.cert.fi/en/reports/2011/vulnerability539178.html>\n\n### Acknowledgements\n\nThanks to Riku Hietam\u00e4ki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project for reporting this vulnerability to CERT-FI.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2011-3323](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-3323>), [CVE-2011-3324](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-3324>), [CVE-2011-3325](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-3325>), [CVE-2011-3326](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-3326>), [CVE-2011-3327](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-3327>) \n---|--- \n**Severity Metric:** | 15.69 \n**Date Public:** | 2011-09-26 \n**Date First Published:** | 2011-09-26 \n**Date Last Updated: ** | 2011-10-06 11:24 UTC \n**Document Revision: ** | 10 \n", "cvss3": {}, "published": "2011-09-26T00:00:00", "type": "cert", "title": "Multiple Quagga remote component vulnerabilities", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2011-10-06T11:24:00", "id": "VU:668534", "href": "https://www.kb.cert.org/vuls/id/668534", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-28T17:50:52", "description": "### Overview\n\nQuagga, a routing software suite, contains multiple vulnerabilities that result in a denial-of-service condition.\n\n### Description\n\nQuagga 0.99.20 and previous versions are susceptible to various denial-of-service conditions. The Quagga advisories state the following:\n\n**_CVE-2012-0249_****_: _****_E_****_rror in OSPF parsing LS-Update messages Can Cause a Crash of Quagga ospfd_** \n_The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon aborts due to an assert) with a malformed OSPF LS-Update message._ \n \n_Program Impacted: Quagga (ospfd)_ \n \n_Description:_ \n_OSPFv2 implementation in Quagga version 0.99.20 and before does not perform a proper length check for a received LS-Update OSPF packet. A received packet, which has actually less bytes, than it is declared in its header, causes a buffer overflow, which immediately leads to a crash of OSPF protocol process and subsequent disruption of IPv4 routing._ \n \n_Like many other OSPF cases, exploiting this vulnerability requires an ability to form an OSPF adjacency with the attacked OSPF router and initiate a database exchange process with it. Usual OSPF security precautions (including MD5 authentication) may lower the risk of such event. Upgrading to a patched version of Quagga is recommended regardless of any other measures taken._ \n \n**_CVE-2012-0250: Error in OSPF parsing Network-LSA messages Can Cause a Crash of Quagga ospfd_** \n_The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon crash) with a malformed OSPF Network-LSA message._ \n \n_Program Impacted: Quagga (ospfd)_ \n \n_Description:_ \n_OSPFv2 implementation in Quagga version 0.99.20 and before does not perform a proper length check of the Network-LSA structures contained in an LS-Update OSPF packet. When an otherwise correct LS-Update OSPF packet contains a Network-LSA structure, which has its \"Length\" header field set to value bigger than the actual number of bytes in the buffer, a buffer overflow happens. This immediately leads to a crash of OSPF protocol process and subsequent disruption of IPv4 routing._ \n \n_Like many other OSPF cases, exploiting this vulnerability requires an ability to form an OSPF adjacency with the attacked OSPF router and initiate a database exchange process with it. Usual OSPF security precautions (including MD5 authentication) may lower the risk of such event. Upgrading to a patched version of Quagga is recommended regardless of any other measures taken._ \n \n**_CVE-2012-0255: Error in BGP OPEN Message parsing Can Cause a Crash of Quagga bgpd_** \n_The bgpd implementation of BGP in Quagga up to (and including) 0.99.20 allows remote attackers to cause a denial of service (daemon aborts due to an assert) via BGP Open message with an invalid AS4 capability._ \n \n_Program Impacted: Quagga (bgpd)_ \n \n_Description:_ \n_BGP implementation in Quagga version 0.99.20 and before contains an error in processing malformed AS4 capability in the BGP OPEN message which leads to a abort (daemon aborts due to an assert) of the BGP protocol process and subsequent disruption of IP routing. When an OPEN with a malformed AS4 capability message is detected, the code fails to flush the message buffers for the peer. When the peer next connects and sends a message, the code will attempt to parse the stale, half-consumed data in the message buffer as it were a fresh BGP message. This leads to an assert and exit of the BGP daemon in the BGP OPEN message parsing code._ \n \n_The vulnerability is not restricted to BGP neighbors with 4-byte AS but can only be done from any configured peers (or sources spoofing the IP of a configured peer). The potential exists for this condition to be intentionally triggered, resulting in effective denial of service by crashing the BGPd. Usual BGP security precautions (including BGP MD5 authentication) may lower the risk of such event._ \n \n--- \n \n### Impact\n\nA remote attacker may be able to cause a denial-of-service condition. \n \n--- \n \n### Solution\n\n**Apply an Update** \n \nUpgrade to [Quagga 0.99.20.1](<http://download.savannah.gnu.org/releases/quagga/>) either through the GIT master version or by applying a patch. \n \n--- \n \nFor CVE-2012-0255, the following workaround exists: Shutdown sessions to any peers you can not trust, or where you can not ensure the security of the control-plane. \n \n--- \n \n### Vendor Information\n\n551715\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Quagga Affected\n\nNotified: March 07, 2012 Updated: March 21, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Not Affected\n\nNotified: March 13, 2012 Updated: March 15, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Infoblox Not Affected\n\nNotified: March 13, 2012 Updated: March 28, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Debian GNU/Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### FreeBSD Project Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Google Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva S. A. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: March 20, 2012 Updated: March 20, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Red Hat, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SafeNet Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: March 13, 2012 Updated: March 13, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 27 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 6.1 | AV:A/AC:L/Au:N/C:N/I:N/A:C \nTemporal | 4.8 | E:POC/RL:OF/RC:C \nEnvironmental | 4.8 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * <http://www.nongnu.org/quagga/>\n * <https://bugzilla.quagga.net/show_bug.cgi?id=705>\n\n### Acknowledgements\n\nThanks to Martin Winter at OpenSourceRouting.org for reporting these vulnerabilities, MU Dynamics for their sponsorship of the protocol fuzzer which uncovered these issues, and Denis Ovsienko & Paul Jakma for fixing the issues.\n\nThis document was written by Jared Allar.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2012-0249](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0249>), [CVE-2012-0250](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0250>), [CVE-2012-0255](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0255>) \n---|--- \n**Severity Metric:** | 1.50 \n**Date Public:** | 2012-03-23 \n**Date First Published:** | 2012-03-23 \n**Date Last Updated: ** | 2012-03-28 12:09 UTC \n**Document Revision: ** | 43 \n", "cvss3": {}, "published": "2012-03-23T00:00:00", "type": "cert", "title": "Quagga contains multiple vulnerabilities", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-03-28T12:09:00", "id": "VU:551715", "href": "https://www.kb.cert.org/vuls/id/551715", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-28T17:50:49", "description": "### Overview\n\nQuagga, a routing software suite, contains a BGP OPEN vulnerability that result in a denial-of-service condition.\n\n### Description\n\nCVE-2012-1820: Quagga version 0.99.20.1 and before contains a bug in BGP OPEN message handling. \n\n\n_Program Impacted: bgpd: fix DoS in bgp_capability_orf() \n \nDescription:_ \n_If a pre-configured BGP peer sends a specially-crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer. The process will detect a buffer overrun attempt before it happens and immediately terminate with an error message. All BGP sessions established by the attacked router will be closed and its BGP routing disrupted._ \n \n_An ORF (code 3) capability TLV is defined to contain exactly one AFI/SAFI block. Function bgp_capability_orf(), which parses ORF capability TLV, uses do-while cycle to call its helper function bgp_capability_orf_entry(), which actually processes the AFI/SAFI data block. The call is made at least once and repeated as long as the input buffer has enough data for the next call. \n \nThe helper function, bgp_capability_orf_entry(), uses \"Number of ORFs\" field of the provided AFI/SAFI block to verify, if it fits the input buffer. However, the check is made based on the total length of the ORF TLV regardless of the data already consumed by the previous helper function call(s). This way, the check condition is only valid for the first AFI/SAFI block inside an ORF capability TLV._ \n_ \nFor the subsequent calls of the helper function, if any are made, the check condition may erroneously tell, that the current \"Number of ORFs\" field fits the buffer boundary, where in fact it does not. This makes it possible to trigger an assertion by feeding an OPEN message with a specially-crafted malformed ORF capability TLV._ \n \n \n--- \n \n### Impact\n\nA denial-of-service condition can be caused by an attacker controlling one of the pre-configured BGP peers. In most cases this means, that the attack must be originated from an adjacent network. \n \n--- \n \n### Solution\n\nWe are currently unaware of a practical solution to this problem. \n \n--- \n \n### Vendor Information\n\n962587\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Debian GNU/Linux Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Infoblox Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Not Affected\n\nNotified: April 25, 2012 Updated: April 26, 2012 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Google Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva S. A. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Red Hat, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SafeNet Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: April 25, 2012 Updated: April 25, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vyatta Unknown\n\nNotified: May 11, 2012 Updated: May 11, 2012 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 24 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 5.5 | AV:A/AC:L/Au:S/C:N/I:N/A:C \nTemporal | 4.5 | E:F/RL:OF/RC:C \nEnvironmental | 5 | CDP:L/TD:H/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n<http://www.nongnu.org/quagga/>\n\n### Acknowledgements\n\nThanks to Denis Ovsienko for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2012-1820](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-1820>) \n---|--- \n**Date Public:** | 2012-06-03 \n**Date First Published:** | 2012-06-04 \n**Date Last Updated: ** | 2012-06-11 14:04 UTC \n**Document Revision: ** | 13 \n", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "cert", "title": "Quagga BGP OPEN denial of service vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-11T14:04:00", "id": "VU:962587", "href": "https://www.kb.cert.org/vuls/id/962587", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nCERT-FI reports:\n\nFive vulnerabilities have been found in the BGP, OSPF, and\n\t OSPFv3 components of Quagga. The vulnerabilities allow an\n\t attacker to cause a denial of service or potentially to\n\t execute his own code by sending a specially modified packets\n\t to an affected server. Routing messages are typically accepted\n\t from the routing peers. Exploiting these vulnerabilities may\n\t require an established routing session (BGP peering or\n\t OSPF/OSPFv3 adjacency) to the router.\nThe vulnerability CVE-2011-3327\n\t is related to the extended communities handling in BGP\n\t messages. Receiving a malformed BGP update can result\n\t in a buffer overflow and disruption of IPv4 routing.\nThe vulnerability CVE-2011-3326\n\t results from the handling of LSA (Link State Advertisement)\n\t states in the OSPF service. Receiving a modified Link State\n\t Update message with malicious state information can result in\n\t denial of service in IPv4 routing.\nThe vulnerability CVE-2011-3325\n\t is a denial of service vulnerability related to Hello message\n\t handling by the OSPF service. As Hello messages are used to\n\t initiate adjacencies, exploiting the vulnerability may be\n\t feasible from the same broadcast domain without an established\n\t adjacency. A malformed packet may result in denial of service\n\t in IPv4 routing.\nThe vulnerabilities CVE-2011-3324\n\t and CVE-2011-3323\n\t are related to the IPv6 routing protocol (OSPFv3) implemented\n\t in ospf6d daemon. Receiving modified Database Description and\n\t Link State Update messages, respectively, can result in denial\n\t of service in IPv6 routing.\n\n\n", "cvss3": {}, "published": "2011-09-26T00:00:00", "type": "freebsd", "title": "quagga -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2011-09-26T00:00:00", "id": "AB9BE2C8-EF91-11E0-AD5A-00215C6A37BB", "href": "https://vuxml.freebsd.org/freebsd/ab9be2c8-ef91-11e0-ad5a-00215c6a37bb.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-19T16:03:49", "description": "\n\nCERT reports:\n\nThe ospfd implementation of OSPF in Quagga allows a remote\n\t attacker (on a local network segment with OSPF enabled) to cause\n\t a denial of service (daemon aborts due to an assert) with a\n\t malformed OSPF LS-Update message.\nThe ospfd implementation of OSPF in Quagga allows a remote\n\t attacker (on a local network segment with OSPF enabled) to cause\n\t a denial of service (daemon crash) with a malformed OSPF Network-\n\t LSA message.\nThe bgpd implementation of BGP in Quagga allows remote attackers\n\t to cause a denial of service (daemon aborts due to an assert) via\n\t BGP Open message with an invalid AS4 capability.\n\n\n", "cvss3": {}, "published": "2012-03-23T00:00:00", "type": "freebsd", "title": "quagga -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-03-26T00:00:00", "id": "42A2C82A-75B9-11E1-89B4-001EC9578670", "href": "https://vuxml.freebsd.org/freebsd/42a2c82a-75b9-11e1-89b4-001ec9578670.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-19T16:03:49", "description": "\n\nCERT reports:\n\nIf a pre-configured BGP peer sends a specially-crafted OPEN\n\t message with a malformed ORF capability TLV, Quagga bgpd process\n\t will erroneously try to consume extra bytes from the input packet\n\t buffer. The process will detect a buffer overrun attempt before\n\t it happens and immediately terminate with an error message. All\n\t BGP sessions established by the attacked router will be closed\n\t and its BGP routing disrupted.\n\n\n", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "freebsd", "title": "quagga -- BGP OPEN denial of service vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-04T00:00:00", "id": "1E14D46F-AF1F-11E1-B242-00215AF774F0", "href": "https://vuxml.freebsd.org/freebsd/1e14d46f-af1f-11e1-b242-00215af774f0.html", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:27:16", "description": "This update fixes the following security issues:\n\n - 718056: OSPF6D buffer overflow while decoding Link State\n Update with Inter Area Prefix Lsa (CVE-2011-3323)\n - 718058: OSPF6D DoS while decoding Database Description\n packet (CVE-2011-3324)\n - 718059: OSPFD DoS while decoding Hello packet\n (CVE-2011-3325)\n - 718061: OSPFD DoS while decoding Link State Update\n (CVE-2011-3326)\n - 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP (CVE-2011-3327)\n\n", "cvss3": {}, "published": "2011-10-18T19:08:25", "type": "suse", "title": "quagga: fixing multiple vulnerabilities (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2011-10-18T19:08:25", "id": "OPENSUSE-SU-2011:1155-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-04-13T00:10:42", "description": "This update fixes the following security issues in quagga:\n\n * 718056: OSPF6D buffer overflow while decoding Link\n State Update with Inter Area Prefix Lsa (CVE-2011-3323)\n * 718058: OSPF6D DoS while decoding Database\n Description packet (CVE-2011-3324)\n * 718059: OSPFD DoS while decoding Hello packet\n (CVE-2011-3325)\n * 718061: OSPFD DoS while decoding Link State Update\n (CVE-2011-3326)\n * 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP (CVE-2011-3327)\n", "cvss3": {}, "published": "2011-10-24T17:08:25", "type": "suse", "title": "Security update for quagga (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2011-10-24T17:08:25", "id": "SUSE-SU-2011:1171-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:05:35", "description": "This update fixes the following security issues:\n\n * 718056: OSPF6D buffer overflow while decoding Link\n State Update with Inter Area Prefix Lsa (CVE-2011-3323)\n * 718058: OSPF6D DoS while decoding Database\n Description packet (CVE-2011-3324)\n * 718059: OSPFD DoS while decoding Hello packet\n (CVE-2011-3325)\n * 718061: OSPFD DoS while decoding Link State Update\n (CVE-2011-3326)\n * 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP (CVE-2011-3327)\n", "cvss3": {}, "published": "2011-09-28T22:08:22", "type": "suse", "title": "Security update for quagga (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2011-3325", "CVE-2011-3323", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2011-09-28T22:08:22", "id": "SUSE-SU-2011:1075-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:44:23", "description": "This update fixes the following security issues:\n\n * 634300: buffer overflow and null deref\n * 654270: Malformed extended communities and\n AS_PATHLIMIT DoS\n * 718056: OSPF6D buffer overflow while decoding Link\n State Update with Inter Area Prefix Lsa (CVE-2011-3323)\n * 718058: OSPF6D DoS while decoding Database\n Description packet (CVE-2011-3324)\n * 718059: OSPFD DoS while decoding Hello packet\n (CVE-2011-3325)\n * 718061: OSPFD DoS while decoding Link State Update\n (CVE-2011-3326)\n * 718062: DoS while decoding EXTENDED_COMMUNITIES in\n Quagga's BGP (CVE-2011-3327)\n", "cvss3": {}, "published": "2011-12-12T02:08:23", "type": "suse", "title": "Security update for quagga (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-2949", "CVE-2011-3326", "CVE-2011-3325", "CVE-2010-2948", "CVE-2010-1675", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2011-12-12T02:08:23", "id": "SUSE-SU-2011:1316-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2021-10-22T00:11:55", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2316-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nOctober 05, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327\n\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several\nvulnerabilities in Quagga, an Internet routing daemon:\n\nCVE-2011-3323\n\tA stack-based buffer overflow while decoding Link State Update\n\tpackets with a malformed Inter Area Prefix LSA can cause the\n\tospf6d process to crash or (potentially) execute arbitrary\n\tcode.\n\nCVE-2011-3324\n\tThe ospf6d process can crash while processing a Database\n\tDescription packet with a crafted Link-State-Advertisement.\n\nCVE-2011-3325\n\tThe ospfd process can crash while processing a crafted Hello\n\tpacket.\n\nCVE-2011-3326\n\tThe ospfd process crashes while processing\n\tLink-State-Advertisements of a type not known to Quagga.\n\nCVE-2011-3327\n\tA heap-based buffer overflow while processing BGP UPDATE\n\tmessages containing an Extended Communities path attribute\n\tcan cause the bgpd process to crash or (potentially) execute\n\tarbitrary code.\n\nThe OSPF-related vulnerabilities require that potential attackers send\npackets to a vulnerable Quagga router; the packets are not distributed\nover OSPF. In contrast, the BGP UPDATE messages could be propagated\nby some routers.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.99.10-1lenny6.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.17-2+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.19-1.\n\nWe recommend that you upgrade your quagga packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-10-05T18:57:11", "type": "debian", "title": "[SECURITY] [DSA 2316-1] quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2011-10-05T18:57:11", "id": "DEBIAN:DSA-2316-1:AD6E3", "href": "https://lists.debian.org/debian-security-announce/2011/msg00193.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T23:57:32", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2459-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nApril 26, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-0249 CVE-2012-0250 CVE-2012-0255\n\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\nCVE-2012-0249\n\tA buffer overflow in the ospf_ls_upd_list_lsa function in the\n\tOSPFv2 implementation allows remote attackers to cause a\n\tdenial of service (assertion failure and daemon exit) via a\n\tLink State Update (aka LS Update) packet that is smaller than\n\tthe length specified in its header.\n\nCVE-2012-0250\n\tA buffer overflow in the OSPFv2 implementation allows remote\n\tattackers to cause a denial of service (daemon crash) via a\n\tLink State Update (aka LS Update) packet containing a\n\tnetwork-LSA link-state advertisement for which the\n\tdata-structure length is smaller than the value in the Length\n\theader field.\n\nCVE-2012-0255\n\tThe BGP implementation does not properly use message buffers\n\tfor OPEN messages, which allows remote attackers impersonating\n\ta configured BGP peer to cause a denial of service (assertion\n\tfailure and daemon exit) via a message associated with a\n\tmalformed AS4 capability.\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\nWe recommend that you upgrade your quagga packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-04-26T05:56:28", "type": "debian", "title": "[SECURITY] [DSA 2459-1] quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2012-04-26T05:56:28", "id": "DEBIAN:DSA-2459-1:6BDF4", "href": "https://lists.debian.org/debian-security-announce/2012/msg00092.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T23:51:04", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2497-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJune 20, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-1820\nDebian Bug : 676510\n\nIt was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\nWe recommend that you upgrade your quagga packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-06-20T20:30:09", "type": "debian", "title": "[SECURITY] [DSA 2497-1] quagga security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-20T20:30:09", "id": "DEBIAN:DSA-2497-1:C0241", "href": "https://lists.debian.org/debian-security-announce/2012/msg00137.html", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-08-10T07:08:51", "description": "\nRiku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several\nvulnerabilities in Quagga, an Internet routing daemon:\n\n\n* [CVE-2011-3323](https://security-tracker.debian.org/tracker/CVE-2011-3323)\nA stack-based buffer overflow while decoding Link State Update\n packets with a malformed Inter Area Prefix LSA can cause the\n ospf6d process to crash or (potentially) execute arbitrary\n code.\n* [CVE-2011-3324](https://security-tracker.debian.org/tracker/CVE-2011-3324)\nThe ospf6d process can crash while processing a Database\n Description packet with a crafted Link-State-Advertisement.\n* [CVE-2011-3325](https://security-tracker.debian.org/tracker/CVE-2011-3325)\nThe ospfd process can crash while processing a crafted Hello\n packet.\n* [CVE-2011-3326](https://security-tracker.debian.org/tracker/CVE-2011-3326)\nThe ospfd process crashes while processing\n Link-State-Advertisements of a type not known to Quagga.\n* [CVE-2011-3327](https://security-tracker.debian.org/tracker/CVE-2011-3327)\nA heap-based buffer overflow while processing BGP UPDATE\n messages containing an Extended Communities path attribute\n can cause the bgpd process to crash or (potentially) execute\n arbitrary code.\n\n\nThe OSPF-related vulnerabilities require that potential attackers send\npackets to a vulnerable Quagga router; the packets are not distributed\nover OSPF. In contrast, the BGP UPDATE messages could be propagated\nby some routers.\n\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.99.10-1lenny6.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.17-2+squeeze3.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.19-1.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2011-10-05T00:00:00", "type": "osv", "title": "quagga - several", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2022-08-10T07:08:47", "id": "OSV:DSA-2316-1", "href": "https://osv.dev/vulnerability/DSA-2316-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:09:26", "description": "\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n\n* [CVE-2012-0249](https://security-tracker.debian.org/tracker/CVE-2012-0249)\nA buffer overflow in the ospf\\_ls\\_upd\\_list\\_lsa function in the\n OSPFv2 implementation allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) via a\n Link State Update (aka LS Update) packet that is smaller than\n the length specified in its header.\n* [CVE-2012-0250](https://security-tracker.debian.org/tracker/CVE-2012-0250)\nA buffer overflow in the OSPFv2 implementation allows remote\n attackers to cause a denial of service (daemon crash) via a\n Link State Update (aka LS Update) packet containing a\n network-LSA link-state advertisement for which the\n data-structure length is smaller than the value in the Length\n header field.\n* [CVE-2012-0255](https://security-tracker.debian.org/tracker/CVE-2012-0255)\nThe BGP implementation does not properly use message buffers\n for OPEN messages, which allows remote attackers impersonating\n a configured BGP peer to cause a denial of service (assertion\n failure and daemon exit) via a message associated with a\n malformed AS4 capability.\n\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "osv", "title": "quagga - regression", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2022-08-10T07:08:53", "id": "OSV:DSA-2459-2", "href": "https://osv.dev/vulnerability/DSA-2459-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:09:27", "description": "\nSeveral vulnerabilities have been discovered in Quagga, a routing\ndaemon.\n\n\n* [CVE-2012-0249](https://security-tracker.debian.org/tracker/CVE-2012-0249)\nA buffer overflow in the ospf\\_ls\\_upd\\_list\\_lsa function in the\n OSPFv2 implementation allows remote attackers to cause a\n denial of service (assertion failure and daemon exit) via a\n Link State Update (aka LS Update) packet that is smaller than\n the length specified in its header.\n* [CVE-2012-0250](https://security-tracker.debian.org/tracker/CVE-2012-0250)\nA buffer overflow in the OSPFv2 implementation allows remote\n attackers to cause a denial of service (daemon crash) via a\n Link State Update (aka LS Update) packet containing a\n network-LSA link-state advertisement for which the\n data-structure length is smaller than the value in the Length\n header field.\n* [CVE-2012-0255](https://security-tracker.debian.org/tracker/CVE-2012-0255)\nThe BGP implementation does not properly use message buffers\n for OPEN messages, which allows remote attackers impersonating\n a configured BGP peer to cause a denial of service (assertion\n failure and daemon exit) via a message associated with a\n malformed AS4 capability.\n\n\nThis security update upgrades the quagga package to the most recent\nupstream release. This release includes other corrections, such as\nhardening against unknown BGP path attributes.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.99.20.1-0+squeeze2.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 0.99.20.1-1.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "osv", "title": "quagga - several", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255"], "modified": "2022-08-10T07:08:53", "id": "OSV:DSA-2459-1", "href": "https://osv.dev/vulnerability/DSA-2459-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-21T08:30:44", "description": "\nIt was discovered that Quagga, a routing daemon, contains a\nvulnerability in processing the ORF capability in BGP OPEN messages.\nA malformed OPEN message from a previously configured BGP peer could\ncause bgpd to crash, causing a denial of service.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.99.20.1-0+squeeze3.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 0.99.21-3.\n\n\nWe recommend that you upgrade your quagga packages.\n\n\n", "cvss3": {}, "published": "2012-06-20T00:00:00", "type": "osv", "title": "quagga - denial of service", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2022-07-21T05:47:44", "id": "OSV:DSA-2497-1", "href": "https://osv.dev/vulnerability/DSA-2497-1", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:26", "description": "[0.99.15-7.2]\n- improve fix for CVE-2011-3325\n[0.99.15-7.1]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0255\n- fix CVE-2012-0249 and CVE-2012-0250\n- fix CVE-2012-1820\n[0.99.15-7]\n- Resolves: #684751 - CVE-2010-1674 CVE-2010-1675 quagga various flaws\n[0.99.15-6]\n- Resolves: #644832 - CVE-2010-2948 CVE-2010-2949 quagga various flaws", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "oraclelinux", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-1820", "CVE-2010-2949", "CVE-2011-3326", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-0249", "CVE-2011-3325", "CVE-2010-2948", "CVE-2010-1675", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2012-09-12T00:00:00", "id": "ELSA-2012-1259", "href": "http://linux.oracle.com/errata/ELSA-2012-1259.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:18", "description": "[0.98.6-7.1]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0249\n- fix CVE-2010-1674\n[0.98.6-7]\n- Resolves: #638628 - CVE-2007-4826 CVE-2010-2948 quagga: various flaws\n[0.98.6-6]\n- Resolves: #528583 - Missing declarations cause zebra to segfault", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "oraclelinux", "title": "quagga security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-3326", "CVE-2007-4826", "CVE-2012-0250", "CVE-2012-0249", "CVE-2011-3325", "CVE-2010-2948", "CVE-2011-3323", "CVE-2010-1674", "CVE-2011-3327", "CVE-2011-3324"], "modified": "2012-09-12T00:00:00", "id": "ELSA-2012-1258", "href": "http://linux.oracle.com/errata/ELSA-2012-1258.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-30T06:24:35", "description": "[0.99.15-14]\n- Resolves: #1416013 - CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory\n[0.99.15-13]\n- fix path of ripd pid file (#842308)\n[0.99.15-12]\n- fix start() function in watchqugga initscript (#862826, #1208617)\n[0.99.15-11]\n- fix for CVE-2013-2236 (#1391918)\n- fix for CVE-2016-1245 (#1391914)\n- fix for CVE-2016-2342 (#1391916)\n- fix for CVE-2016-4049 (#1391919)\n[0.99.15-11]\n- ospf6d: Fix crash when '[no] ipv6 ospf6 advertise prefix-list' is in startup-config (#770731)\n[0.99.15-10]\n- add watchquagga initscript (#862826, #1208617)\n- remove pidfile when service is stopped (#842308)\n- use QCONFDIR correctly in initscripts (#839620)\n- include watchquagga and ospfclient manpages (#674862)\n[0.99.15-9]\n- improve fix for CVE-2011-3325\n[0.99.15-8]\n- fix CVE-2011-3323\n- fix CVE-2011-3324\n- fix CVE-2011-3325\n- fix CVE-2011-3326\n- fix CVE-2011-3327\n- fix CVE-2012-0255\n- fix CVE-2012-0249 and CVE-2012-0250\n- fix CVE-2012-1820", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-27T00:00:00", "type": "oraclelinux", "title": "quagga security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327", "CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236", "CVE-2016-1245", "CVE-2016-2342", "CVE-2016-4049", "CVE-2017-5495"], "modified": "2017-03-27T00:00:00", "id": "ELSA-2017-0794", "href": "http://linux.oracle.com/errata/ELSA-2017-0794.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:10:10", "description": "### Background\n\nQuagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to cause arbitrary code execution or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Quagga users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/quagga-0.99.22.4\"", "cvss3": {}, "published": "2013-10-10T00:00:00", "type": "gentoo", "title": "Quagga: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249", "CVE-2012-0250", "CVE-2012-0255", "CVE-2012-1820", "CVE-2013-2236"], "modified": "2013-10-10T00:00:00", "id": "GLSA-201310-08", "href": "https://security.gentoo.org/glsa/201310-08", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-17T19:13:10", "description": "### Background\n\nQuagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA BGP peer could send a Route-Refresh message with specially-crafted ORF record, which can cause Quagga's bgpd to crash or possibly execute arbitrary code with the privileges of the user running Quagga's bgpd; a BGP update AS path request with unknown AS type, or malformed AS-Pathlimit or Extended-Community attributes could lead to Denial of Service (daemon crash), an error in bgpd when handling AS_PATH attributes within UPDATE messages can be exploited to cause a heap-based buffer overflow resulting in a crash of the daemon and disruption of IPv4 routing, two errors in ospf6d and ospfd can each be exploited to crash the daemon and disrupt IP routing. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Quagga users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/quagga-0.99.20\"", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "gentoo", "title": "Quagga: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1674", "CVE-2010-1675", "CVE-2010-2948", "CVE-2010-2949", "CVE-2011-3323", "CVE-2011-3324", "CVE-2011-3325", "CVE-2011-3326", "CVE-2011-3327"], "modified": "2012-02-21T00:00:00", "id": "GLSA-201202-02", "href": "https://security.gentoo.org/glsa/201202-02", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:25:24", "description": "The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "cve", "title": "CVE-2011-3323", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323"], "modified": "2018-01-06T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.6"], "id": "CVE-2011-3323", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3323", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:25:25", "description": "The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "cve", "title": "CVE-2011-3324", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3324"], "modified": "2018-01-06T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.6"], "id": "CVE-2011-3324", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3324", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:07:24", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {}, "published": "2012-06-13T15:55:00", "type": "cve", "title": "CVE-2012-1820", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2013-03-02T04:40:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.20.1", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-1820", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:25:27", "description": "ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "cve", "title": "CVE-2011-3325", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3325"], "modified": "2018-01-06T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.6"], "id": "CVE-2011-3325", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3325", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:25:28", "description": "Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "cve", "title": "CVE-2011-3327", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3327"], "modified": "2018-01-06T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.6"], "id": "CVE-2011-3327", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3327", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:35:33", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0250", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0250", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:36:06", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0249", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0249", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:35:40", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "cve", "title": "CVE-2012-0255", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.19", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.98.6", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.99.20"], "id": "CVE-2012-0255", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.20:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:25:26", "description": "The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "cve", "title": "CVE-2011-3326", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3326"], "modified": "2018-01-06T02:29:00", "cpe": ["cpe:/a:quagga:quagga:0.97.3", "cpe:/a:quagga:quagga:0.99.8", "cpe:/a:quagga:quagga:0.96", "cpe:/a:quagga:quagga:0.99.11", "cpe:/a:quagga:quagga:0.96.3", "cpe:/a:quagga:quagga:0.99.14", "cpe:/a:quagga:quagga:0.95", "cpe:/a:quagga:quagga:0.99.18", "cpe:/a:quagga:quagga:0.98.5", "cpe:/a:quagga:quagga:0.98.4", "cpe:/a:quagga:quagga:0.98.2", "cpe:/a:quagga:quagga:0.99.17", "cpe:/a:quagga:quagga:0.99.1", "cpe:/a:quagga:quagga:0.96.1", "cpe:/a:quagga:quagga:0.97.5", "cpe:/a:quagga:quagga:0.99.12", "cpe:/a:quagga:quagga:0.99.7", "cpe:/a:quagga:quagga:0.97.2", "cpe:/a:quagga:quagga:0.98.3", "cpe:/a:quagga:quagga:0.99.2", "cpe:/a:quagga:quagga:0.96.2", "cpe:/a:quagga:quagga:0.99.9", "cpe:/a:quagga:quagga:0.99.5", "cpe:/a:quagga:quagga:0.99.10", "cpe:/a:quagga:quagga:0.98.1", "cpe:/a:quagga:quagga:0.99.16", "cpe:/a:quagga:quagga:0.97.0", "cpe:/a:quagga:quagga:0.96.5", "cpe:/a:quagga:quagga:0.98.0", "cpe:/a:quagga:quagga:0.97.1", "cpe:/a:quagga:quagga:0.99.15", "cpe:/a:quagga:quagga:0.99.13", "cpe:/a:quagga:quagga:0.96.4", "cpe:/a:quagga:quagga:0.99.6", "cpe:/a:quagga:quagga:0.97.4", "cpe:/a:quagga:quagga:0.99.3", "cpe:/a:quagga:quagga:0.99.4", "cpe:/a:quagga:quagga:0.98.6"], "id": "CVE-2011-3326", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3326", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2022-08-04T14:32:13", "description": "The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote\nattackers to cause a denial of service (out-of-bounds memory access and\ndaemon crash) via a Link State Update message with an invalid IPv6 prefix\nlength.", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "ubuntucve", "title": "CVE-2011-3323", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323"], "modified": "2011-10-10T00:00:00", "id": "UB:CVE-2011-3323", "href": "https://ubuntu.com/security/CVE-2011-3323", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:32:13", "description": "The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3\nimplementation in ospf6d in Quagga before 0.99.19 allows remote attackers\nto cause a denial of service (assertion failure and daemon exit) via\ntrailing zero values in the Link State Advertisement (LSA) header list of\nan IPv6 Database Description message.", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "ubuntucve", "title": "CVE-2011-3324", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3324"], "modified": "2011-10-10T00:00:00", "id": "UB:CVE-2011-3324", "href": "https://ubuntu.com/security/CVE-2011-3324", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:29:56", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier\nallows remote attackers to cause a denial of service (assertion failure and\ndaemon exit) by leveraging a BGP peering relationship and sending a\nmalformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1820>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676510>\n * <https://bugs.launchpad.net/ubuntu/+source/quagga/+bug/1018052>\n", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "ubuntucve", "title": "CVE-2012-1820", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-13T00:00:00", "id": "UB:CVE-2012-1820", "href": "https://ubuntu.com/security/CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:32:12", "description": "ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to\ncause a denial of service (daemon crash) via (1) a 0x0a type field in an\nIPv4 packet header or (2) a truncated IPv4 Hello packet.", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "ubuntucve", "title": "CVE-2011-3325", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3325"], "modified": "2011-10-10T00:00:00", "id": "UB:CVE-2011-3325", "href": "https://ubuntu.com/security/CVE-2011-3325", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:32:13", "description": "Heap-based buffer overflow in the ecommunity_ecom2str function in\nbgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers\nto cause a denial of service (daemon crash) or possibly execute arbitrary\ncode by sending a crafted BGP UPDATE message over IPv4.", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "ubuntucve", "title": "CVE-2011-3327", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3327"], "modified": "2011-10-10T00:00:00", "id": "UB:CVE-2011-3327", "href": "https://ubuntu.com/security/CVE-2011-3327", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:30:31", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before\n0.99.20.1 allows remote attackers to cause a denial of service (daemon\ncrash) via a Link State Update (aka LS Update) packet containing a\nnetwork-LSA link-state advertisement for which the data-structure length is\nsmaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0250", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0250", "href": "https://ubuntu.com/security/CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:30:31", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in\nthe OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote\nattackers to cause a denial of service (assertion failure and daemon exit)\nvia a Link State Update (aka LS Update) packet that is smaller than the\nlength specified in its header.\n\n#### Bugs\n\n * <https://bugzilla.quagga.net/show_bug.cgi?id=705>\n", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0249", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0249", "href": "https://ubuntu.com/security/CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:30:30", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly\nuse message buffers for OPEN messages, which allows remote attackers to\ncause a denial of service (assertion failure and daemon exit) via a message\nassociated with a malformed Four-octet AS Number Capability (aka AS4\ncapability).", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "ubuntucve", "title": "CVE-2012-0255", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2012-04-05T00:00:00", "id": "UB:CVE-2012-0255", "href": "https://ubuntu.com/security/CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:32:12", "description": "The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19\nallows remote attackers to cause a denial of service (daemon crash) via an\ninvalid Link State Advertisement (LSA) type in an IPv4 Link State Update\nmessage.", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "ubuntucve", "title": "CVE-2011-3326", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3326"], "modified": "2011-10-10T00:00:00", "id": "UB:CVE-2011-3326", "href": "https://ubuntu.com/security/CVE-2011-3326", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-04T06:01:57", "description": "The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "debiancve", "title": "CVE-2011-3323", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3323"], "modified": "2011-10-10T10:55:00", "id": "DEBIANCVE:CVE-2011-3323", "href": "https://security-tracker.debian.org/tracker/CVE-2011-3323", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "debiancve", "title": "CVE-2011-3324", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3324"], "modified": "2011-10-10T10:55:00", "id": "DEBIANCVE:CVE-2011-3324", "href": "https://security-tracker.debian.org/tracker/CVE-2011-3324", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.", "cvss3": {}, "published": "2012-06-13T15:55:00", "type": "debiancve", "title": "CVE-2012-1820", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.9, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1820"], "modified": "2012-06-13T15:55:00", "id": "DEBIANCVE:CVE-2012-1820", "href": "https://security-tracker.debian.org/tracker/CVE-2012-1820", "cvss": {"score": 2.9, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "debiancve", "title": "CVE-2011-3325", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3325"], "modified": "2011-10-10T10:55:00", "id": "DEBIANCVE:CVE-2011-3325", "href": "https://security-tracker.debian.org/tracker/CVE-2011-3325", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "debiancve", "title": "CVE-2011-3327", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3327"], "modified": "2011-10-10T10:55:00", "id": "DEBIANCVE:CVE-2011-3327", "href": "https://security-tracker.debian.org/tracker/CVE-2011-3327", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0250", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0250"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0250", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0250", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0249", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0249"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0249", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0249", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).", "cvss3": {}, "published": "2012-04-05T13:25:00", "type": "debiancve", "title": "CVE-2012-0255", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0255"], "modified": "2012-04-05T13:25:00", "id": "DEBIANCVE:CVE-2012-0255", "href": "https://security-tracker.debian.org/tracker/CVE-2012-0255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:57", "description": "The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message.", "cvss3": {}, "published": "2011-10-10T10:55:00", "type": "debiancve", "title": "CVE-2011-3326", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE&qu