CVSS: 5.0EPSS: 18%CPEs: 36EXPL: 0CVE-2010-2949 – (bgpd): DoS (crash) while processing certain BGP update AS path messages
https://notcve.org/view.php?id=CVE-2010-2949
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message. bgpd en Quagga anteriores a v0.99.17 no realiza el análisis sintáctico las rutas AS, lo que permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero NULL y caída del demonio) a través de un tipo AS desconocido en un atributo AS en un mensaje BGP UPDATE. • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html http://secunia.com/advisories/41038 http://secunia.com/advisories/41238 http://secunia.com/advisories/42397 http://secunia.com/advisories/42446 http://secunia.com/advisories/42498 http://secunia.com/advisories/48106 http://security.gentoo.org/glsa/glsa-201 •
CVSS: 6.5EPSS: 5%CPEs: 36EXPL: 0CVE-2010-2948 – (bgpd): Stack buffer overflow by processing certain Route-Refresh messages
https://notcve.org/view.php?id=CVE-2010-2948
Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message. Desbordamiento de búfer basado en pila en la función bgp_route_refresh_receive en bgp_packet.c en bgpd en Quagga anterior a v0.99.17, permite a usuarios remotos autenticados provocar una denegación de servicio (caída del demonio) o posiblemente ejecutar código a través de un registro Outbound Route Filtering (ORF) formado de forma errónea en un mensaje BGP ROUTE-REFRESH (RR). • http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=d64379e8f3c0636df53ed08d5b2f1946cfedd0e3 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html http://secunia.com/advisories/41038 http://secunia.com/advisories/41238 http://secunia.com/advisories/42397 http://secunia.com/advisories/42446 http://secunia.com/advisories/42498 http://secunia.com/advisories/48106 http://security.gentoo.org/glsa/glsa-201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 5.0EPSS: 11%CPEs: 31EXPL: 3CVE-2009-1572
https://notcve.org/view.php?id=CVE-2009-1572
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. El demonio BGP (bgpd) in Quagga v0.99.11 y anteriores, permite a atacantes remotos provocar una denegación de servicio (caída) a través de una ruta AS que contiene elementos ASN cuya representación de cadena es mayor que la esperada, lo que provoca un error de aserción. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://marc.info/?l=quagga-dev&m=123364779626078&w=2 http://secunia.com/advisories/34999 http://secunia.com/advisories/35061 http://secunia.com/advisories/35203 http://secunia.com/advisories/35685 http://thread.gmane.org/gmane.network.quagga.devel/6513 http://www.debian.org/security/2009/dsa-1788 http://www.mandriva.com/security/advisories?name&# •
CVSS: 3.5EPSS: 0%CPEs: 28EXPL: 0CVE-2007-4826 – quagga bgpd DoS
https://notcve.org/view.php?id=CVE-2007-4826
bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled. bgpd en Quagga versiones anteriores a 0.99.9, permite que los peers BGP configurados explícitamente causen una denegación de servicio (bloqueo) por medio de (1) mensaje OPEN malformado o (2) un atributo COMMUNITY malformado, que desencadena una desreferencia del puntero NULL. NOTA: el vector 2 solo existe cuando la depuración está habilitada. • http://fedoranews.org/updates/FEDORA-2007-219.shtml http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.html http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760 http://secunia.com/advisories/26744 http://secunia.com/advisories/26829 http://secunia.com/advisories/26863 http://secunia.com/advisories/27049 http://secunia.com/advisories/29743 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1 http://www.debian.org/security/20 •