logo
DATABASE RESOURCES PRICING ABOUT US

Quagga vulnerabilities

Description

It was discovered that Quagga incorrectly handled Link State Update messages with invalid lengths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2012-0249, CVE-2012-0250) It was discovered that Quagga incorrectly handled messages with a malformed Four-octet AS Number Capability. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2012-0255)


Affected Package


OS OS Version Package Name Package Version
Ubuntu 12.04 quagga 0.99.20.1-0ubuntu0.12.04.2
Ubuntu 11.10 quagga 0.99.20.1-0ubuntu0.11.10.2
Ubuntu 11.04 quagga 0.99.20.1-0ubuntu0.11.04.2
Ubuntu 10.04 quagga 0.99.20.1-0ubuntu0.10.04.2

Related