Linux Distros Unpatched Vulnerability : CVE-2017-16227

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The aspathput function in bgpd/bgpaspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service session drop via BGP UPDATE messages,...

RHEL 6 : quagga (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to cra...

Debian: Security Advisory (DLA-1152-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2017-16227

The aspathput function in bgpd/bgpaspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service session drop via BGP UPDATE messages, because ASPATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message...

Mageia: Security Advisory (MGASA-2017-0416)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0457-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for quagga (EulerOS-SA-2017-1308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for quagga (openSUSE-SU-2018:0473-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : quagga (openSUSE-2018-177)

This update for quagga fixes the following issues : - CVE-2017-16227: Fixed bgpd DoS via specially crafted BGP UPDATE messages boo1065641 - CVE-2018-5378: Fixed bgpd bounds check issue via attribute length Quagga-2018-0543,boo1079798 - CVE-2018-5379: Fixed bgpd double free when processing UPDATE...

Security update for quagga (important)

This update for quagga fixes the following issues: - CVE-2017-16227: Fixed bgpd DoS via specially crafted BGP UPDATE messages boo1065641 - CVE-2018-5378: Fixed bgpd bounds check issue via attribute length Quagga-2018-0543,boo1079798 - CVE-2018-5379: Fixed bgpd double free when processing UPDATE...

SUSE SLES11 Security Update : quagga (SUSE-SU-2018:0457-1)

This update for quagga fixes the following issues : - The Quagga BGP daemon contained a bug in the ASPATH size calculation that could have been exploited to facilitate a remote denial-of-service attack via specially crafted BGP UPDATE messages. CVE-2017-16227, bsc1065641 - The Quagga BGP daemon d...

SUSE SLES12 Security Update : quagga (SUSE-SU-2018:0455-1)

This update for quagga fixes the following security issues : - The Quagga BGP daemon contained a bug in the ASPATH size calculation that could have been exploited to facilitate a remote denial-of-service attack via specially crafted BGP UPDATE messages. CVE-2017-16227, bsc1065641 - The Quagga BGP...

Fedora 27 : quagga (2017-7d25605e98)

rebase to version 1.2.2, solves CVE-2017-16227, solves error produced by install script Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

[ASA-201712-7] quagga: denial of service

Arch Linux Security Advisory ASA-201712-7 ========================================= Severity: Medium Date : 2017-12-13 CVE-ID : CVE-2017-16227 Package : quagga Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-481 Summary ======= The package quagga before version...

Fedora Update for quagga FEDORA-2017-df3032c978

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : quagga (EulerOS-SA-2017-1308)

According to the version of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A denial of service flaw was found in the way the bgpd daemon in Quagga handled the processing of large BGP update messages. A remote, previously...

EulerOS 2.0 SP1 : quagga (EulerOS-SA-2017-1307)

According to the version of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A denial of service flaw was found in the way the bgpd daemon in Quagga handled the processing of large BGP update messages. A remote, previously...

Fedora 26 : quagga (2017-df3032c978)

rebase to version 1.2.2, solves CVE-2017-16227, solves error produced by install script Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

Updated quagga packages fix security vulnerability

The bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment ASPATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity CVE-2017-16227...