
CVE-2016-4049 – quagga: denial of service vulnerability in BGP routing daemon
https://notcve.org/view.php?id=CVE-2016-4049
23 May 2016 — The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00062.html • CWE-20: Improper Input Validation •

CVE-2016-2342 – quagga: VPNv4 NLRI parser memcpys to stack on unchecked length
https://notcve.org/view.php?id=CVE-2016-2342
17 Mar 2016 — The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet. • http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=a3bc7e9400b214a0f078fdb19596ba54214a1442 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVE-2013-6051 – Debian Security Advisory 2803-1
https://notcve.org/view.php?id=CVE-2013-6051
26 Nov 2013 — The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not properly initialize the total variable, which allows remote attackers to cause a denial of service (bgpd crash) via a crafted BGP update. Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730513 •

CVE-2013-2236 – Quagga: OSPFD Potential remote code exec (stack based buffer overflow)
https://notcve.org/view.php?id=CVE-2013-2236
10 Oct 2013 — Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA. • http://git.savannah.gnu.org/gitweb/?p=quagga.git%3Ba=commitdiff%3Bh=3f872fe60463a931c5c766dbf8c36870c0023e88 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVE-2012-1820 – (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV (VU#962587)
https://notcve.org/view.php?id=CVE-2012-1820
13 Jun 2012 — The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message. • http://rhn.redhat.com/errata/RHSA-2012-1259.html •

CVE-2012-0249 – (ospfd): Assertion failure due to improper length check for a received LS-Update OSPF packet
https://notcve.org/view.php?id=CVE-2012-0249
05 Apr 2012 — Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header. • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2012-0250 – (ospfd): Crash by processing LS-Update OSPF packet due to improper length check of the Network-LSA structures
https://notcve.org/view.php?id=CVE-2012-0250
05 Apr 2012 — Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2012-0255 – (bgpd): Assertion failure by processing malformed AS4 capability in BGP OPEN message
https://notcve.org/view.php?id=CVE-2012-0255
05 Apr 2012 — The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2011-3323 – (ospf6d): Stack-based buffer overflow while decoding Link State Update packet with malformed Inter Area Prefix LSA
https://notcve.org/view.php?id=CVE-2011-3323
10 Oct 2011 — The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length. • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=abc7ef44ca05493500865ce81f7b84f5c4eb6594 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVE-2011-3324 – (ospf6d): Denial of service by decoding malformed Database Description packet headers
https://notcve.org/view.php?id=CVE-2011-3324
10 Oct 2011 — The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message. • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=09395e2a0e93b2cf4258cb1de91887948796bb68 • CWE-399: Resource Management Errors •