ffr: Flowspec overflow in bgpd/bgp_flowspec.c

A flaw was found in bgpd/bgpflowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages...

frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message

A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...

frr: crash from malformed EOR-containing BGP UPDATE message

An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR...

Cisco Nexus 3600 External BGP DoS (cisco-sa-nxos-po-acl-TkyePgvL)

A vulnerability in the External Border Gateway Protocol eBGP implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware...

CVE-2024-20321

A vulnerability in the External Border Gateway Protocol eBGP implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware...

PT-2024-1897 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS affected versions not specified Description: A vulnerability in the External Border Gateway Protocol eBGP implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS...

The vulnerability of the dissect_bgp_open() function in the Wireshark network traffic analyzer allows a hacker to cause a service failure.

The vulnerability of the dissectbgpopen function in the Wireshark network traffic analyzer is related to the operation that occurs outside the buffer in memory when processing extended BGP parameter formats. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

AZL-44853 CVE-2024-24478 affecting package wireshark for versions less than 4.4.7-1

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissectbgpopentvbuffttvb, prototreetree, packetinfopinfo, optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected...

UBUNTU-CVE-2024-24478

DISPUTED An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissectbgpopentvbuffttvb, prototreetree, packetinfopinfo, optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affecte...

frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message

A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...

ffr: Flowspec overflow in bgpd/bgp_flowspec.c

A flaw was found in bgpd/bgpflowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages...

frr: crash from malformed EOR-containing BGP UPDATE message

An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR...

frr: crash from malformed EOR-containing BGP UPDATE message

An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR...

ffr: Flowspec overflow in bgpd/bgp_flowspec.c

A flaw was found in bgpd/bgpflowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages...

ffr: Out of bounds read in bgpd/bgp_label.c

An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...

The vulnerability of the BGP Session Handler component in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the BGP Session Handler component in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVE-2024-21617

An Incomplete Cleanup vulnerability in Nonstop active routing NSR component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service DoS. On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual...

CVE-2024-21611

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Juniper Flow Monitoring jflow scenario route churn that...

CVE-2024-21596

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service DoS. If an attacker sends a specific BGP UPDATE message to the device, this will cause a...

Juniper Networks Junos OS and Junos OS Evolved Security Vulnerabilities

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system designed for use with the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK...