37 matches found
FastNetMon 安全漏洞
FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov. It is built using multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain security vulnerabilities, which stem from errors in handling extended length flags during the parsing of BGP path...
EUVD-2026-31841
FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgpprotocol.hpp, the parserawbgpattribute function correctly identifies when extendedlengthbit is set and sets lengthoflengthfield...
CVE-2026-41643 GoBGP: Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE
GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during th...
CVE-2026-41643 GoBGP: Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE
GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during th...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the UpdatePathAttrs4ByteAs function when processing malformed BGP UPDATE messages containing both ASPATH and AS4PATH attributes. An attacker can cause the process to crash by sending a specially...
GHSA-8RXH-R2P6-7F2Q GoBGP has Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE
Summary A remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during the processing of 4-byte AS attributes when the message structure causes an internal slice index shift that is not...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the UpdatePathAttrs4ByteAs function when processing malformed BGP UPDATE messages containing both ASPATH and AS4PATH attributes. An attacker can cause the process to crash by sending a specially...
GoBGP has Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE
Summary A remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during the processing of 4-byte AS attributes when the message structure causes an internal slice index shift that is not...
PT-2026-37136
Name of the Vulnerable Software and Affected Versions GoBGP versions prior to 4.3.0 Description A remote Denial of Service DoS issue exists where a malformed BGP UPDATE message can trigger a runtime error resulting in an index out of range panic. This occurs during the processing of 4-byte AS...
EUVD-2023-45878
Malicious code in bioql PyPI...
CVE-2023-41376
Nokia Service Router Operating System SR OS 22.10 and SR Linux, when error-handling update-fault-tolerance is not enabled, mishandle BGP path attributes...
Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 资源管理错误漏洞
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a set of network operating systems dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK...
CVE-2024-39549
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not...
CVE-2024-39549 Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not...
PT-2024-40748 · Git +1 · Pcapplusplus
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 2 crash has been reported. The crash involves the pcpp::BgpLayer::getHeaderLen, pcpp::Packet::shortenLayer, and...
frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...
frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...
frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...
frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...
SUSE CVE-2023-47234
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...