18 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-2236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in the newmsglsachangenotify function in the OSPFD API ospfapi.c in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a...
Mageia: Security Advisory (MGASA-2013-0310)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0879-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1470-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 4.05 : quagga Multiple Vulnerabilities (NS-SA-2019-0101)
The remote NewStart CGSL host, running version MAIN 4.05, has quagga packages installed that are affected by multiple vulnerabilities: - A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose...
Scientific Linux Security Update : quagga on SL6.x i386/x86_64 (20170321)
Security Fixes : - A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. CVE-2016-1245 - A stack-based buffer overflow flaw was found in the way the...
Oracle Linux 6 : quagga (ELSA-2017-0794)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0794 advisory. - Resolves: 1416013 - CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory - fix for CVE-2013-2236 1391918 - fix f...
quagga security and bug fix update
0.99.15-14 - Resolves: 1416013 - CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory 0.99.15-13 - fix path of ripd pid file 842308 0.99.15-12 - fix start function in watchqugga initscript 862826, 1208617 0.99.15-11 - fix for CVE-2013-2236 1391918 - fix for...
CentOS 6 : quagga (CESA-2017:0794)
An update for quagga is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Ubuntu 14.04 LTS : Quagga vulnerabilities (USN-2941-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2941-1 advisory. Kostya Kortchinsky discovered that Quagga incorrectly handled certain route data when configured with BGP peers enabled for VPNv4. A remote attacker coul...
USN-2941-1: Quagga vulnerabilities
Kostya Kortchinsky discovered that Quagga incorrectly handled certain route data when configured with BGP peers enabled for VPNv4. A remote attacker could use this issue to cause Quagga to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-2342 It was discovered...
Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)
The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in the newmsglsachangenotify function in the OSPFD API ospfapi.c in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers...
[SECURITY] [DSA 2803-1] quagga security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2803-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 26, 2013 http://www.debian.org/security/faq -...
CVE-2013-2236
CVE-2013-2236: Quagga’s OSPFD ospf_api.c new_msg_lsa_change_notify has a stack-based buffer overflow when --enable-opaque-lsa and -a are used, allowing a remote attacker to crash the daemon via a large LSA. Affected products/versions include Quagga prior to 0.99.22.2. The issue is a denial of ser...
CVE-2013-2236
Removed by vendor...
Updated quagga packages fix CVE-2013-2236
Updated quagga packages fix security vulnerability: Remotely exploitable buffer overflow in ospfapi.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2 CVE-2013-2236. Note: We have worked around this vulnerability by disabling the ospfapi and ospfclient features, which did...
GLSA-201310-08 : Quagga: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201310-08 Quagga: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to cause arbitrary code...
SuSE 11.2 / 11.3 Security Update : quagga (SAT Patch Numbers 8234 / 8235)
This update of quagga fixes two security issues : - specially crafted OSPF packets could have caused the routing table to be erased. bnc822572. CVE-2013-0149 - local network stack overflow bnc828117. CVE-2013-2236 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packa...