CVSS: 7.5EPSS: 0%CPEs: 40EXPL: 1CVE-2012-0249 – (ospfd): Assertion failure due improper length check for a received LS-Update OSPF packet
https://notcve.org/view.php?id=CVE-2012-0249
05 Apr 2012 — Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header. Desbordamiento de búfer en la función ospf_ls_upd_list_lsa en ospf_packet.c en la implementación de OSPFv2 en ospfd en Quagga antes v0.99.20.1 permite a atacantes remotos causar una de... • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2012-0250 – (ospfd): Crash by processing LS-Update OSPF packet due improper length check of the Network-LSA structures
https://notcve.org/view.php?id=CVE-2012-0250
05 Apr 2012 — Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. Desbordamiento de búfer en la implementación de OSPFv2 en ospfd en Quagga antes de v0.99.20.1 permite a atacantes remotos causar una denegación de servicio (caída del demonio) ... • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 40EXPL: 0CVE-2012-0255 – (bgpd): Assertion failure by processing malformed AS4 capability in BGP OPEN message
https://notcve.org/view.php?id=CVE-2012-0255
05 Apr 2012 — The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). La implementación de BGP en bgpd en Quagga antes v0.99.20.1 no utiliza adecuadamente los búferes de mensajes para los mensajes marcados como OPEN, lo que permite a atacantes remotos provocar una denegación ... • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 8%CPEs: 38EXPL: 0CVE-2011-3323 – (ospf6d): Stack-based buffer overflow while decoding Link State Update packet with malformed Inter Area Prefix LSA
https://notcve.org/view.php?id=CVE-2011-3323
10 Oct 2011 — The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length. La implementación de OSPFv3 en ospf6d en Quagga anteriores a v0.99.19 permite a atacantes remotos causar una denegación de servicio (acceso de memoria fuera de rango y la caída del demonio) a través de un mensaje de actualización de enlace del Estado con una longitud de prefijo IPv6... • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=abc7ef44ca05493500865ce81f7b84f5c4eb6594 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 8%CPEs: 38EXPL: 0CVE-2011-3324 – (ospf6d): Denial of service by decoding malformed Database Description packet headers
https://notcve.org/view.php?id=CVE-2011-3324
10 Oct 2011 — The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message. La función ospf6_lsa_is_changed en ospf6_lsa.c en la ejecución de OSPFv3 en ospf6d en Quagga anteriores a v0.99.19 permite a atacantes remotos causar una denegación de servicio (error de aserció... • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=09395e2a0e93b2cf4258cb1de91887948796bb68 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 9%CPEs: 38EXPL: 0CVE-2011-3325 – (ospfd): Denial of service by decoding too short Hello packet or Hello packet with invalid OSPFv2 header type
https://notcve.org/view.php?id=CVE-2011-3325
10 Oct 2011 — ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet. ospf_packet.c en ospfd en Quagga anterior a v0.99.19 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través (1) un tipo de campo 0x0a en una cabecera del paquete en IPv4 o (2) un paquete Hello IPv4 truncado. • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=61ab0301606053192f45c188bc48afc837518770 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 7%CPEs: 38EXPL: 0CVE-2011-3326 – (ospfd): Denial of service by decoding Link State Update LSAs of unknown type
https://notcve.org/view.php?id=CVE-2011-3326
10 Oct 2011 — The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message. La función ospf_flood en ospf_flood.c en ospfd en Quagga anterior a v0.99.19 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un Link State Advertisement (LSA) inválido en un mensaje IPv4 Link State Update. • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=6b161fc12a15aba8824c84d1eb38e529aaf70769 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 21%CPEs: 38EXPL: 0CVE-2011-3327 – (bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes
https://notcve.org/view.php?id=CVE-2011-3327
10 Oct 2011 — Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4. Desbordamiento de buffer de memoria dinámica en la función ecommunity_ecom2str en bgp_ecommunity.c en bgpd en Quagga anterior a v0.99.19 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) o posiblemente ejecut... • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=94431dbc753171b48b5c6806af97fd690813b00a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 3%CPEs: 37EXPL: 0CVE-2010-1674 – quagga: DoS (crash) by processing malformed extended community attribute in a route
https://notcve.org/view.php?id=CVE-2010-1674
29 Mar 2011 — The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute. El parser "extended-community" de bgpd de Quagga en versiones anteriores a la 0.99.18 permite a atacantes remotos provocar una denegación de servicio (resolución de puntero NULL y caída de la aplicación) a través de un atributo "Extended Communities" mal formado. • http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html •
CVSS: 7.5EPSS: 3%CPEs: 37EXPL: 0CVE-2010-1675 – quagga: BGP session reset by processing BGP Update message with malformed AS-path attributes
https://notcve.org/view.php?id=CVE-2010-1675
29 Mar 2011 — bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute. bgpd de Quagga en versiones anteriores a la 0.99.18 permite a atacantes remotos provocar una denegación de servicio (reinicio de la sesión) a traés de un atributo de ruta AS_PATHLIMIT mal formado. • http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html • CWE-399: Resource Management Errors •