Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-2948
HistorySep 10, 2010 - 12:00 a.m.

CVE-2010-2948

2010-09-1000:00:00
ubuntu.com
ubuntu.com
8

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.1%

Stack-based buffer overflow in the bgp_route_refresh_receive function in
bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated
users to cause a denial of service (daemon crash) or possibly execute
arbitrary code via a malformed Outbound Route Filtering (ORF) record in a
BGP ROUTE-REFRESH (RR) message.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchquagga< 0.99.2-1ubuntu3.7UNKNOWN
ubuntu8.04noarchquagga< 0.99.9-2ubuntu1.4UNKNOWN
ubuntu9.10noarchquagga< 0.99.13-1ubuntu0.1UNKNOWN
ubuntu10.04noarchquagga< 0.99.15-1ubuntu0.1UNKNOWN

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.1%

Related for UB:CVE-2010-2948