22 matches found
Debian: Security Advisory (DSA-2104-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2010-0945)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : quagga (openSUSE-SU-2010:0984-1)
This update of quagga fixes two security issues : - CVE-2010-2948: CVSS v2 Base Score: 6.5 MEDIUM AV:N/AC:L/Au:S/C:P/I:P/A:P Stack-based buffer overflow while processing malformed Route-Refresh messages. - CVE-2010-2949: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P Denial of service...
Oracle Linux 6 : quagga (ELSA-2010-0945)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0945 advisory. 0.99.15-5el60.1 - Resolves: 644830 - CVE-2010-2948 CVE-2010-2949 quagga various flaws Tenable has extracted the preceding description block directly fr...
Scientific Linux Security Update : quagga on SL6.x i386/x86_64
A stack-based buffer overflow flaw was found in the way the Quagga bgpd daemon processed certain BGP Route Refresh RR messages. A configured BGP peer could send a specially crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of th...
SuSE 10 Security Update : quagga (ZYPP Patch Number 7406)
This security update of quagga fixes : - Direct BGP peers can send malformed extended communities which lead to a NULL pointer dereference. CVE-2010-1674 - A malformed ASPATHLIMIT path attribute will cause a session reset in Quagga. This malformed package is forwarded by other routers and can be...
openSUSE Security Update : quagga (openSUSE-SU-2010:0984-1)
This update of quagga fixes two security issues : - CVE-2010-2948: CVSS v2 Base Score: 6.5 MEDIUM AV:N/AC:L/Au:S/C:P/I:P/A:P Stack-based buffer overflow while processing malformed Route-Refresh messages. - CVE-2010-2949: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P Denial of service...
openSUSE Security Update : quagga (openSUSE-SU-2010:0984-1)
This update of quagga fixes two security issues : - CVE-2010-2948: CVSS v2 Base Score: 6.5 MEDIUM AV:N/AC:L/Au:S/C:P/I:P/A:P Stack-based buffer overflow while processing malformed Route-Refresh messages. - CVE-2010-2949: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P Denial of service...
Fedora Update for quagga FEDORA-2011-3916
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 13 : quagga-0.99.18-1.fc13 (2011-3916)
Wed Mar 23 2011 Jiri Skala - 0.99.18-1 - fixes 689852 - CVE-2010-1674 CVE-2010-1675 quagga various flaws - fixes 689763 - updated to latest upstream version 0.99.18 - Tue Aug 31 2010 Jiri Skala - 0.99.17-1 - update to latest upstream - fixes 628981 - CVE-2010-2948 and CVE-2010-2949 - Fri Jun 11...
SuSE 10 Security Update : quagga (ZYPP Patch Number 7355)
This security update of quagga fixes : - Direct BGP peers can send malformed extended communities which lead to a NULL pointer dereference. CVE-2010-1674 - A malformed ASPATHLIMIT path attribute will cause a session reset in Quagga. This malformed package is forwarded by other routers and can be...
quagga security update
0.99.15-5el60.1 - Resolves: 644830 - CVE-2010-2948 CVE-2010-2949 quagga various flaws...
USN-1027-1: Quagga vulnerabilities
It was discovered that Quagga incorrectly handled certain Outbound Route Filtering ORF records. A remote authenticated attacker could use this flaw to cause a denial of service or potentially execute arbitrary code. The default compiler options for Ubuntu 8.04 LTS and later should reduce the...
Moderate: Red Hat Security Advisory: quagga security update
Updated quagga packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
SuSE 10 Security Update : quagga (ZYPP Patch Number 7237)
This update of quagga fixes two security issues : - Stack-based buffer overflow while processing malformed Route-Refresh messages. CVE-2010-2948: CVSS v2 Base Score: 6.5 MEDIUM AV:N/AC:L/Au:S/C:P/I:P/A:P - Denial of service while processing malformed BGP update AS path messages. CVE-2010-2949: CV...
Fedora Update for quagga FEDORA-2010-14009
Check for the Version of quagga OpenVAS Vulnerability Test Fedora Update for quagga FEDORA-2010-14009 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora 12 : quagga-0.99.17-1.fc12 (2010-14002)
Tue Aug 31 2010 Jiri Skala - 0.99.17-1 - update to latest upstream - fixes 628981 - CVE-2010-2948 and CVE-2010-2949 - Fri Dec 11 2009 Jiri Skala - 0.99.15-1 - latest upstream version - back ported posix compliance of init script Note that Tenable Network Security has extracted the preceding...
[SECURITY] [DSA-2104-1] New quagga packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2104-1 [email protected] http://www.debian.org/security/ Florian Weimer September 06, 2010 http://www.debian.org/security/faq -...
Fedora 13 : quagga-0.99.17-1.fc13 (2010-14009)
Tue Aug 31 2010 Jiri Skala - 0.99.17-1 - update to latest upstream - fixes 628981 - CVE-2010-2948 and CVE-2010-2949 - Fri Jun 11 2010 Jiri Skala - 0.99.15-3 - fixes 602851 - ships PAM config file, even though PAM is disabled - Tue Jan 26 2010 Jiri Skala - 0.99.15-2 - changes in spec file and init...
CVE-2010-2949
CVE-2010-2949 affects Quagga bgpd prior to 0.99.17. The vulnerability arises from improper parsing of AS paths in BGP UPDATE messages, allowing remote attackers to trigger a denial of service via an unknown AS type in an AS path attribute (resulting in a NULL pointer dereference and daemon crash)...