17 matches found
EUVD-2007-6664
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-31948
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash. CVE-2024-31948 Note...
SUSE SLES15 Security Update : frr (SUSE-SU-2024:1475-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1475-1 advisory. - In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash...
SUSE SLES15 / openSUSE 15 Security Update : frr (SUSE-SU-2024:1453-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1453-1 advisory. - ospfteparsete in ospfd/ospfte.c in FRRouting FRR through 9.1 allows remote attackers to cause a denial of service...
Denial Of Service (DoS)
FRRouting/frr is vulnerable to Denial of Service DoS. This vulnerability occurs due to improper handling of the Prefix SID attribute in the bgpattrmalformed function within bgpattr.c, leading to a crash of the bgpd daemon...
SUSE CVE-2024-31948
In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash...
CVE-2024-31948
In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash...
CVE-2024-31948
CVE-2024-31948 affects FRRouting (FRR) up to 9.1, where a malformed Prefix SID attribute in a BGP UPDATE can crash the bgpd daemon. The issue is confirmed across multiple advisories referencing FRR fixes in FRR 8.5.6 and later (e.g., SUSE-SU-2024:4090-1). Impact is a denial of service (bgpd crash...
MGASA-2017-0416 Updated quagga packages fix security vulnerability
The bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment ASPATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity CVE-2017-16227...
Updated quagga packages fix security vulnerability
The bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment ASPATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity CVE-2017-16227...
[SECURITY] [DSA 4011-1] quagga security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4011-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 30, 2017 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4011-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : quagga on SL5.x i386/x86_64 (20120912)
A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user...
Scientific Linux Security Update : quagga on SL6.x i386/x86_64
A denial of service flaw was found in the way the Quagga bgpd daemon processed certain route metrics information. A BGP message with a specially crafted path limit attribute would cause the bgpd daemon to reset its session with the peer through which this message was received. CVE-2010-1675 A NUL...
CVE-2007-6700
Cross-site scripting XSS vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter...
CVE-2007-6700
The CVE-2007-6700 entry describes a Cross-site Scripting (XSS) vulnerability in the cgi-bin/bgplg component of the OpenBSD 4.1 BGPD web interface. Remote attackers could inject arbitrary web script or HTML through the cmd parameter. Affected software is OpenBSD 4.1’s BGPD with the web interface c...
[DSECRG-08-007] OpenBSD BGPD daemon Web Interface XSS.
DSECRG-08-007 Digital Security Research Group DSecRG Advisory Application: OpenBSD BGPD daemon Versions Affected: OpenBSD 4.1 Vendor URL: http://openbsd.org Bugs: XSS Exploits: YES Reported: 10.10.2007 Vendor response: 10.10.2007 Date of Public Advisory: 31.01.2008 Authors: Alexandr Polyakov, Ant...