UBUNTU-CVE-2022-40318

An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...

UBUNTU-CVE-2022-40302

An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...

FRRouting FRR 缓冲区错误漏洞

FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR, which can cause a denial of service by crafting a BGP OPEN message with a 0xff type option...

FRRouting FRR 缓冲区错误漏洞

FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR version 8.4 and earlier versions, which originates from an out-of-bounds read by the BGP daemon...

FRRouting 缓冲区错误漏洞

FRRouting is an open source network routing software suite from the FRRouting Project that runs on Unix-like platforms. FRRouting suffers from a buffer error vulnerability that originates from a denial of service that can be caused by crafting a BGP OPEN message with a 0xff type option...

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol BGP that could be weaponized to achieve a denial-of-service DoS condition on vulnerable BGP peers. The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source...

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data...

CVE-2023-28982

A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service DoS. In a BGP rib sharding scenario, when an attribute of an active BG...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability in Juniper Networks Junos OS, which arises from the exploitation of uninitialized resources in th...

[SECURITY] Fedora 37 Update: openbgpd-7.9-1.fc37

OpenBGPD is a free implementation of the Border Gateway Protocol BGP, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol...

CVE-2022-36440

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peekforas4capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

UBUNTU-CVE-2022-36440

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peekforas4capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

PT-2023-2881 · Frrouting +3 · Frrouting Frr-Bgpd +3

Name of the Vulnerable Software and Affected Versions: Frrouting frr-bgpd version 8.3.0 Description: A reachable assertion was found in the peek for as4 capability function, which can be exploited by attackers to maliciously construct BGP open packets and send them to BGP peers running frr-bgpd,...

Weaver Xtreme Theme Support < 6.2.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Required theme:...

CVE-2023-1262

Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network...

Code injection

Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network...

CVE-2023-1262 Missing MAC layer security in Wi-SUN Linux Border Router

Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network...

CVE-2023-1262 Missing MAC layer security in Wi-SUN Linux Border Router

Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network...

PT-2023-16846 · Silicon · Silicon Labs Wi-Sun Linux Border Router

Name of the Vulnerable Software and Affected Versions: Silicon Labs Wi-SUN Linux Border Router versions 1.5.2 and earlier Description: The issue is related to missing MAC layer security, which allows a malicious node to route malicious messages through the network. Recommendations: For Silicon La...

Silicon Labs Wi-SUN Linux Border Router 安全漏洞

Silicon Labs Wi-SUN Linux Border Router is a border router from Silicon Labs. A security vulnerability exists in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier versions, which stems from a problem with the MAC layer security of the software. An attacker could use this vulnerability to...