45 matches found
Oracle Linux 9 : frr (ELSA-2023-6434)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6434 advisory. 8.3.1-11 - Resolves: RHEL-2263 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output 8.3.1-10 - Related: 2216912 - adding sysadmin ...
CVE-2023-38406
A flaw was found in bgpd/bgpflowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising...
frr: Reachable assertion in peek_for_as4_capability function
A reachable assertion flaw was found in Frrouting frr-bgpd in the peekforas4capability function. This flaw allows an attacker to maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in a denial of service...
PT-2023-4678 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.4R3-S10 Junos OS versions 21.1R1 through 21. Junos OS versions 21.2 through 21.2R3-S5 Junos OS versions 21.3 through 21.3R3-S5 Junos OS versions 21.4 through 21.4R3-S7 Junos OS versions 22.1 through 22.1R3-S4 Jun...
DEBIAN-CVE-2022-43681
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...
CVE-2022-40318
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
SUSE CVE-2022-36440
A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peekforas4capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...
SUSE CVE-2016-4049
The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...
SUSE CVE-2018-16300
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgpattrprint because of unlimited recursion...
SUSE CVE-2019-16159
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...
CVE-2022-37032
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse in bgpd/bgppacket.c...
UBUNTU-CVE-2022-37032
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse in bgpd/bgppacket.c...
DDoS Protection for Networks: Utilizing AS Prepending to Route Traffic Through Imperva
In order for Imperva to protect customers’ traffic using DDoS Protection for Networks, the Internet must select Imperva as the best path. So what does this mean? Does Imperva automatically take over the customer’s prefix and control the routing of the Internet? Well…not exactly. Internet Routing...
The vulnerability of the BGP protocol implementation in the Junos OS operating system allows a attacker to cause a service failure.
The vulnerability of the BGP protocol implementation in the Junos OS operating system is related to memory leaks. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted commands remotely...
BGP Route Hijacking
Yes, we can minimize the BGP Hijacking Risk Every day we see something new about the global security threat. It is hard to keep track of all the various ways your network can be attacked. But there are some threat-vectors which need particular attention. "Did you know that a threat-actor with 20...
CVE-2018-14342
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths...
UBUNTU-CVE-2018-14342
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths...
CVE-2018-14342
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths...
CVE-2018-0295
A vulnerability in the Border Gateway Protocol BGP implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update...
CVE-2017-10607
Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit PDU sent directly to the router, which can cause the RPD routing process to crash and restart. Unlike BGP UPDATEs, which are transitive in nature, this...