20 matches found
EUVD-2010-2953
Malware in sbrugna...
EUVD-2018-17150
Malware in sbrugna...
EUVD-2018-17152
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-5380
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Quagga BGP daemon bgpd prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input...
Linux Distros Unpatched Vulnerability : CVE-2018-5381
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Quagga BGP daemon bgpd prior to version 1.2.3 has a bug in its parsing of Capabilities in BGP OPEN messages, in the bgppacket.c:bgpcapabilitymsgparse...
K62789814: Quagga bgpd vulnerabilities CVE-2018-5378, CVE-2018-5379, CVE-2018-5380, and CVE-2018-5381
Security Advisory Description CVE-2018-5378 The Quagga BGP daemon bgpd prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash...
SUSE CVE-2006-2276
bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service CPU consumption via a certain sh ip bgp command entered in the telnet interface...
SUSE CVE-2018-5378
The Quagga BGP daemon bgpd prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash...
SUSE: Security Advisory (SUSE-SU-2018:0457-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Quagga BGP Daemon bgp_update_receive Double Free (CVE-2018-5379)
A double free vulnerability has been reported in Quagga BGP Daemon. The vulnerability is due to improper handling of cluster list and unknown attributes. A remote attacker can exploit this vulnerability by sending a crafted BGP UPDATE message to the target server...
Quagga BGP Backend Program UPDATE Message Released Twice Vulnerability
Quagga is an open source routing software. A two release vulnerability exists in the Quagga BGP backend program processing UPDATE messages, which allows remote attackers to exploit the vulnerability to submit a special request, conduct a denial of service attack or execute arbitrary code...
Out-of-bounds
The Quagga BGP daemon bgpd prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash...
Design/Logic Flaw
The Quagga BGP daemon bgpd prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgppacket.c:bgpcapabilitymsgparse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI,...
CVE-2018-5381
Removed by vendor...
CVE-2018-5381
The Quagga BGP daemon bgpd prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgppacket.c:bgpcapabilitymsgparse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI,...
CVE-2018-5378
The Quagga BGP daemon bgpd prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash...
CVE-2018-5379
The Quagga BGP daemon bgpd prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code...
UBUNTU-CVE-2018-5379
The Quagga BGP daemon bgpd prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code...
[SECURITY] [DSA 3654-1] quagga security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3654-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 26, 2016 https://www.debian.org/security/faq -...
quagga BGP daemon DoS
Few DoS conditions on BGP traffic parsing...