kube-router: GoBGP gRPC Admin Port Exposed on Node Primary IP Without Authentication, Allowing Cluster-Wide BGP Route Injection
Summary: When the kube-router routing controller starts (--run-router), it binds the GoBGP gRPC management server to the node's primary IP (e.g., 192.168.1.10:50051) in addition to 127.0.0.1:50051. The default admin port is 50051 and the server is enabled by default with no TLS and no authentication...
EUVD-2023-26556
Malicious code in bioql PyPI...
EUVD-2023-48556
Malicious code in bioql PyPI...
CVE-2024-30394
A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when EVPN is...
CVE-2023-44197
An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved devices an rpd crash and restart can occur while...
CVE-2023-22393
An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to cause a Routing Protocol Daemon (RPD) crash by sending a BGP route with an invalid next-hop, resulting in a Denial of Service (DoS).
CVE-2023-22393 Junos OS and Junos OS Evolved: RPD crash upon receipt of BGP route with invalid next-hop
An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to cause a Routing Protocol Daemon (RPD) crash by sending a BGP route with an invalid next-hop, resulting in a Denial of Service (DoS).
CVE-2023-22393
CVE-2023-22393 affects Juniper Networks Junos OS and Junos OS Evolved. The issue is an improper check during BGP route processing that allows an attacker to trigger a crash of the Routing Protocol Daemon (RPD) by sending a BGP route with an invalid next-hop, causing a Denial of Service (DoS). The...
PT-2023-3054 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 21.1 through 21.1R3-S4; Juniper Networks Junos OS versions 21.2 through 21.2R3-S3; Juniper Networks Junos OS versions 21.3 through 21.3R3-S2; Juniper Networks Junos OS versions 21.4 through 21.4R2-S2, 21.4R3...
CVE-2022-22219
Due to the Improper Handling of an Unexpected Data Type in the processing of EVPN routes on Juniper Networks Junos OS and Junos OS Evolved, an attacker in direct control of a BGP client connected to a route reflector, or via a machine-in-the-middle (MITM) attack, can send a specific EVPN route...
CVE-2022-22219 Junos OS and Junos OS Evolved: RPD core upon receipt of a specific EVPN route by a BGP route reflector in an EVPN environment
Due to the Improper Handling of an Unexpected Data Type in the processing of EVPN routes on Juniper Networks Junos OS and Junos OS Evolved, an attacker in direct control of a BGP client connected to a route reflector, or via a machine-in-the-middle (MITM) attack, can send a specific EVPN route...
Dennis Fisher and Mike Mimoso Discuss Do Not Track, We Are the Cavalry and more
Dennis Fisher and Mike Mimoso discuss the major security stories of the last two weeks, including the BGP route hijacking, why Do Not Track doesn’t work and the We Are the Cavalry movement. Download: digitalunderground135.mp3...
RedHat Update for quagga RHSA-2010:0785-01
Check for the Version of quagga. OpenVAS Vulnerability Test: RedHat Update for quagga RHSA-2010:0785-01. Authors: System Generated Check. Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the ter...
CVE-2010-2948
Affected software: Quagga bgpd (bgp_route_refresh_receive in bgp_packet.c) prior to version 0.99.17. Vulnerability type: stack-based buffer overflow when processing a malformed Outbound Route Filtering (ORF) in a BGP ROUTE-REFRESH message. Impact (as stated): remote authenticated users can cause ...
PT-2010-1071 · Quagga +1 · Quagga +1
Name of the Vulnerable Software and Affected Versions: Quagga versions prior to 0.99.17; Quagga versions 0.98.3 and 0.98.6. Description: The issue concerns multiple vulnerabilities in the Quagga package, which can lead to a disruption of confidentiality, integrity, and availability of protected...