Lucene search
+L

45 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.53 views

Oracle Linux 9 : frr (ELSA-2023-6434)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6434 advisory. 8.3.1-11 - Resolves: RHEL-2263 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output 8.3.1-10 - Related: 2216912 - adding sysadmin ...

7.5CVSS7.3AI score0.02107EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2023/11/07 2:56 p.m.43 views

CVE-2023-38406

A flaw was found in bgpd/bgpflowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising...

7.5CVSS6.6AI score0.00939EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/07 8:22 a.m.12 views

frr: Reachable assertion in peek_for_as4_capability function

A reachable assertion flaw was found in Frrouting frr-bgpd in the peekforas4capability function. This flaw allows an attacker to maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in a denial of service...

7.5CVSS5.7AI score0.01624EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/08/29 12:0 a.m.6 views

PT-2023-4678 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.4R3-S10 Junos OS versions 21.1R1 through 21. Junos OS versions 21.2 through 21.2R3-S5 Junos OS versions 21.3 through 21.3R3-S5 Junos OS versions 21.4 through 21.4R3-S7 Junos OS versions 22.1 through 22.1R3-S4 Jun...

7.8CVSS6.9AI score0.15143EPSS
Exploits0References14
OSV
OSV
added 2023/05/03 12:16 p.m.2 views

DEBIAN-CVE-2022-43681

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...

6.5CVSS6.8AI score0.02107EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/05/03 12:16 p.m.3 views

CVE-2022-40318

An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...

6.5CVSS6.9AI score0.01983EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/04/06 1:57 a.m.3 views

SUSE CVE-2022-36440

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peekforas4capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

7.5CVSS6.9AI score0.01624EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:3 a.m.2 views

SUSE CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

7.5CVSS6.9AI score0.04642EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.5 views

SUSE CVE-2018-16300

The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgpattrprint because of unlimited recursion...

7.5CVSS7.2AI score0.04122EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.5 views

SUSE CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

7.5CVSS7.6AI score0.03153EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/09/19 10:15 p.m.31 views

CVE-2022-37032

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse in bgpd/bgppacket.c...

9.1CVSS7.1AI score0.01578EPSS
Exploits1References4
OSV
OSV
added 2022/09/19 10:15 p.m.7 views

UBUNTU-CVE-2022-37032

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse in bgpd/bgppacket.c...

9.1CVSS7.2AI score0.01578EPSS
Exploits1References5
Imperva Blog
Imperva Blog
added 2020/06/23 1:12 p.m.31 views

DDoS Protection for Networks: Utilizing AS Prepending to Route Traffic Through Imperva

In order for Imperva to protect customers’ traffic using DDoS Protection for Networks, the Internet must select Imperva as the best path. So what does this mean? Does Imperva automatically take over the customer’s prefix and control the routing of the Internet? Well…not exactly. Internet Routing...

6.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/10/16 12:0 a.m.4 views

The vulnerability of the BGP protocol implementation in the Junos OS operating system allows a attacker to cause a service failure.

The vulnerability of the BGP protocol implementation in the Junos OS operating system is related to memory leaks. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted commands remotely...

7.8CVSS5.5AI score0.01321EPSS
Exploits0References2Affected Software1
Akamai Blog
Akamai Blog
added 2018/11/05 3:6 p.m.109 views

BGP Route Hijacking

Yes, we can minimize the BGP Hijacking Risk Every day we see something new about the global security threat. It is hard to keep track of all the various ways your network can be attacked. But there are some threat-vectors which need particular attention. "Did you know that a threat-actor with 20...

7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2018/07/19 2:29 a.m.19 views

CVE-2018-14342

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths...

7.8CVSS6.8AI score0.03696EPSS
Exploits0References4
OSV
OSV
added 2018/07/19 2:29 a.m.6 views

UBUNTU-CVE-2018-14342

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths...

7.5CVSS7.1AI score0.03696EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2018/07/19 2:0 a.m.44 views

CVE-2018-14342

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths...

7.8CVSS7.5AI score0.03696EPSS
Exploits0
Cvelist
Cvelist
added 2018/06/20 9:0 p.m.23 views

CVE-2018-0295

A vulnerability in the Border Gateway Protocol BGP implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update...

7.6AI score0.0254EPSS
Exploits0References2
NVD
NVD
added 2017/10/13 5:29 p.m.21 views

CVE-2017-10607

Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit PDU sent directly to the router, which can cause the RPD routing process to crash and restart. Unlike BGP UPDATEs, which are transitive in nature, this...

7.5CVSS7.5AI score0.01034EPSS
Exploits0References1
Rows per page
Query Builder