37 matches found
Siemens Ruggedcom ROX NULL Pointer Dereference (CVE-2023-41358)
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; i...
TencentOS Server 3: frr (TSSA-2024:0184)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0184 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
RHEL 8 : frr (RHSA-2024:2981)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2981 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
Moderate: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
ALSA-2024:2981 Moderate: frr security update
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: missing length check in bgpattrpsidsub can lead do DoS CVE-2023-31490 frr: processes invalid NLRIs if attribute length is...
CentOS 8 : frr (CESA-2024:2981)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2981 advisory. - An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgpattrpsidsub function. CVE-2023-31490 - An...
Oracle Linux 9 : frr (ELSA-2024-2156)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2156 advisory. 8.5.3-4 - Resolves: RHEL-14825 - crafted BGP UPDATE message leading to a crash 8.5.3-3 - Resolves: RHEL-14822 - mishandled malformed data leading to a...
Moderate: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Moderate: frr security update
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: incorrect length check in bgpcapabilityllgr can lead do DoS CVE-2023-31489 frr: missing length check in bgpattrpsidsub ca...
RHEL 9 : frr (RHSA-2024:2156)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2156 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
openSUSE: Security Advisory for quagga (SUSE-SU-2023:3839-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for frr (SUSE-SU-2023:3709-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for frr (SUSE-SU-2023:3762-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for frr (FEDORA-2023-ce436d56f8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : frr (2023-ce436d56f8)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ce436d56f8 advisory. New version 8.5.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
quagga: Fix of 2 CVEs
CVE-2023-41360: don't read the first byte of ORF header if we are ahead of stream - CVE-2023-41358: do not process NLRIs if the attribute length is zero...
Ubuntu 20.04 ESM / 22.04 LTS / 23.04 : FRR vulnerabilities (USN-6436-1)
The remote Ubuntu 20.04 ESM / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6436-1 advisory. It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue t...
Ubuntu: Security Advisory (USN-6432-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6436-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Quagga vulnerabilities (USN-6432-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6432-1 advisory. It was discovered that the Quagga BGP daemon did not properly check the attribute length in NRLI. A remote attacker could possibl...