32 matches found
MiracleLinux 9 : frr-8.3.1-5.el9.ML.1 (AXSA:2023-5523:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5523:02 advisory. frr: out-of-bounds read in the BGP daemon may lead to information disclosure or denial of service CVE-2022-37032 Tenable has extracted the preceding...
Siemens Ruggedcom ROX Out-of-bounds Read (CVE-2022-37032)
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse in bgpd/bgppacket.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Linux Distros Unpatched Vulnerability : CVE-2022-37032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse...
TencentOS Server 3: frr (TSSA-2023:0082)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0082 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
openSUSE Security Advisory (SUSE-SU-2024:3478-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:3478-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: libfpm_pb0 / libospf0 / libospfapiclient0 / libquagga_pb0 / etc (SUSE-SU-2024:3478-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3478-1 advisory. - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 -...
SUSE-SU-2024:3478-1 Security update for quagga
This update for quagga fixes the following issues: - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 - CVE-2024-44070: crash when parsing Tunnel Encap attribute due to no length check. bsc1229438 - CVE-2022-37032: out-of-bounds read when...
SUSE SLES15: libfpm_pb0 / libospf0 / libospfapiclient0 / libquagga_pb0 / etc (SUSE-SU-2024:3433-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3433-1 advisory. - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 - CVE-2024-44070: cra...
SUSE: Security Advisory (SUSE-SU-2024:3433-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:3426-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3426-1 Security update for quagga
This update for quagga fixes the following issues: - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 - CVE-2024-44070: crash when parsing Tunnel Encap attribute due to no length check. bsc1229438 - CVE-2022-37032: out-of-bounds read when...
Ubuntu: Security Advisory (USN-6807-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6807-1: FRR vulnerabilities
It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. CVE-2022-26126, CVE-2022-26127, CVE-2022-26128, CVE-2022-26129, CVE-2022-37032, CVE-2022-37035, CVE-2023-31490,...
Ubuntu 20.04 LTS : FRR vulnerabilities (USN-6807-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6807-1 advisory. It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting ...
Ubuntu 20.04 LTS : Quagga vulnerabilities (USN-6482-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6482-1 advisory. It was discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulti...
AlmaLinux 8 : frr (ALSA-2023:2801)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2801 advisory. - An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse ...
Moderate: Red Hat Security Advisory: frr security and bug fix update
An update for frr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
RHEL 8 : frr (RHSA-2023:2801)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2801 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and...
Moderate: frr security and bug fix update
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: out-of-bounds read in the BGP daemon may lead to information disclosure or denial of service CVE-2022-37032 For more...