Page 5 of 25 results (0.011 seconds)

CVSS: 5.0EPSS: 18%CPEs: 36EXPL: 0

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message. bgpd en Quagga anteriores a v0.99.17 no realiza el análisis sintáctico las rutas AS, lo que permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero NULL y caída del demonio) a través de un tipo AS desconocido en un atributo AS en un mensaje BGP UPDATE. • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html http://secunia.com/advisories/41038 http://secunia.com/advisories/41238 http://secunia.com/advisories/42397 http://secunia.com/advisories/42446 http://secunia.com/advisories/42498 http://secunia.com/advisories/48106 http://security.gentoo.org/glsa/glsa-201 •

CVSS: 6.5EPSS: 5%CPEs: 36EXPL: 0

Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message. Desbordamiento de búfer basado en pila en la función bgp_route_refresh_receive en bgp_packet.c en bgpd en Quagga anterior a v0.99.17, permite a usuarios remotos autenticados provocar una denegación de servicio (caída del demonio) o posiblemente ejecutar código a través de un registro Outbound Route Filtering (ORF) formado de forma errónea en un mensaje BGP ROUTE-REFRESH (RR). • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=d64379e8f3c0636df53ed08d5b2f1946cfedd0e3 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html http://secunia.com/advisories/41038 http://secunia.com/advisories/41238 http://secunia.com/advisories/42397 http://secunia.com/advisories/42446 http://secunia.com/advisories/42498 http://secunia.com/advisories/48106 http://security.gentoo.org/glsa/glsa-201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 5.0EPSS: 11%CPEs: 31EXPL: 3

The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. El demonio BGP (bgpd) in Quagga v0.99.11 y anteriores, permite a atacantes remotos provocar una denegación de servicio (caída) a través de una ruta AS que contiene elementos ASN cuya representación de cadena es mayor que la esperada, lo que provoca un error de aserción. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://marc.info/?l=quagga-dev&m=123364779626078&w=2 http://secunia.com/advisories/34999 http://secunia.com/advisories/35061 http://secunia.com/advisories/35203 http://secunia.com/advisories/35685 http://thread.gmane.org/gmane.network.quagga.devel/6513 http://www.debian.org/security/2009/dsa-1788 http://www.mandriva.com/security/advisories?name&# •

CVSS: 3.5EPSS: 0%CPEs: 28EXPL: 0

bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled. bgpd en Quagga versiones anteriores a 0.99.9, permite que los peers BGP configurados explícitamente causen una denegación de servicio (bloqueo) por medio de (1) mensaje OPEN malformado o (2) un atributo COMMUNITY malformado, que desencadena una desreferencia del puntero NULL. NOTA: el vector 2 solo existe cuando la depuración está habilitada. • http://fedoranews.org/updates/FEDORA-2007-219.shtml http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.html http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760 http://secunia.com/advisories/26744 http://secunia.com/advisories/26829 http://secunia.com/advisories/26863 http://secunia.com/advisories/27049 http://secunia.com/advisories/29743 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1 http://www.debian.org/security/20 •

CVSS: 6.3EPSS: 2%CPEs: 20EXPL: 0

bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read. bgpd/bgp_attr.c en Quagga 0.98.6 y versiones anteriores, y 0.99.6 y versiones 0.99 anteriores, no validan la longitud de los valores en los atributos MP_REACH_NLRI y MP_UNREACH_NLRI, lo cual permite a atacantes remotos provocar una denegación de servicio (caída o finalización de demonio) mediante mensajes UPDATE manipulados que disparan un error de aserción o lectura fuera de límites. • http://bugzilla.quagga.net/show_bug.cgi?id=354 http://bugzilla.quagga.net/show_bug.cgi?id=355 http://secunia.com/advisories/24808 http://secunia.com/advisories/25084 http://secunia.com/advisories/25119 http://secunia.com/advisories/25255 http://secunia.com/advisories/25293 http://secunia.com/advisories/25312 http://secunia.com/advisories/25428 http://secunia.com/advisories/29743 http://security.gentoo.org/glsa/glsa-200705-05.xml http://sunsolve.sun.com/search/docume • CWE-20: Improper Input Validation •