36 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update. Se ha detectado un problema en Quagga versiones hasta 1.2.4. Unas operaciones no seguras de chown/chmod en el archivo de especificaciones sugerido permiten a usuarios (con control del directorio /etc/quagga, que no es propiedad de root) escalar sus privilegios a root al instalar o actualizar el paquete • https://bugzilla.suse.com/show_bug.cgi?id=1191890 https://github.com/Quagga/quagga/releases • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal quagga (ospf6d) versión 0.99.21, presenta un fallo de tipo DoS en la manera en que el demonio ospf6d realiza la eliminación de rutas. • http://www.openwall.com/lists/oss-security/2012/11/13/14 http://www.securityfocus.com/bid/56530 https://access.redhat.com/security/cve/cve-2012-5521 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521 https://exchange.xforce.ibmcloud.com/vulnerabilities/80096 https://security-tracker.debian.org/tracker/CVE-2012-5521 • CWE-617: Reachable Assertion •

CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. • https://www.kb.cert.org/vuls/id/793496 • CWE-345: Insufficient Verification of Data Authenticity CWE-354: Improper Validation of Integrity Check Value •

CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. El demonio Quagga BGP (bgpd), en versiones anteriores a la 1.2.3, puede saturar las tablas internas de conversión de código a cadena de BGP empleadas para depurar por un valor de puntero 1, basándose en las entradas. • http://savannah.nongnu.org/forum/forum.php?forum_id=9095 http://www.kb.cert.org/vuls/id/940439 https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html https://security.gentoo.org/glsa/201804-17 https://usn.ubuntu.com/3573-1 https://www.debian.org/security/2018/dsa-4115 • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 57%CPEs: 6EXPL: 0

The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash. El demonio Quagga BGP (bgpd), en versiones anteriores a la 1.2.3, no comprueba correctamente los límites de los datos enviados mediante NOTIFY a un peer, si una longitud de atributo es inválida. Los datos arbitrarios del proceso bgpd podrían enviarse a través de la red a un peer y/o bgpd podría cerrarse inesperadamente. • http://savannah.nongnu.org/forum/forum.php?forum_id=9095 http://www.kb.cert.org/vuls/id/940439 https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-0543.txt https://security.gentoo.org/glsa/201804-17 https://usn.ubuntu.com/3573-1 https://www.debian.org/security/2018/dsa-4115 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •