CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44038
https://notcve.org/view.php?id=CVE-2021-44038
An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update. Se ha detectado un problema en Quagga versiones hasta 1.2.4. Unas operaciones no seguras de chown/chmod en el archivo de especificaciones sugerido permiten a usuarios (con control del directorio /etc/quagga, que no es propiedad de root) escalar sus privilegios a root al instalar o actualizar el paquete • https://bugzilla.suse.com/show_bug.cgi?id=1191890 https://github.com/Quagga/quagga/releases • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2012-5521
https://notcve.org/view.php?id=CVE-2012-5521
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal quagga (ospf6d) versión 0.99.21, presenta un fallo de tipo DoS en la manera en que el demonio ospf6d realiza la eliminación de rutas. • http://www.openwall.com/lists/oss-security/2012/11/13/14 http://www.securityfocus.com/bid/56530 https://access.redhat.com/security/cve/cve-2012-5521 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521 https://exchange.xforce.ibmcloud.com/vulnerabilities/80096 https://security-tracker.debian.org/tracker/CVE-2012-5521 • CWE-617: Reachable Assertion •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2017-3224 – Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)
https://notcve.org/view.php?id=CVE-2017-3224
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. • https://www.kb.cert.org/vuls/id/793496 • CWE-345: Insufficient Verification of Data Authenticity CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.5EPSS: 12%CPEs: 9EXPL: 0CVE-2018-5381
https://notcve.org/view.php?id=CVE-2018-5381
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI, causing a denial of service. El demonio Quagga BGP (bgpd), en versiones anteriores a la 1.2.3, tiene un error en su análisis de "Capabilities" en los mensajes BGP OPEN, en la función bgp_packet.c:bgp_capability_msg_parse. El analizador puede entrar en un bucle infinito o invalidar capacidades si una capacidad Multi-Protocol no tiene un AFI/SAFI reconocido, lo que provocaría una denegación de servicio (DoS). • http://savannah.nongnu.org/forum/forum.php?forum_id=9095 http://www.kb.cert.org/vuls/id/940439 https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1975.txt https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html https://security.gentoo.org/glsa/201804-17 https://usn.ubuntu.com/3573-1 https://www.debian.org/security/2018/dsa-4115 • CWE-228: Improper Handling of Syntactically Invalid Structure CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.1EPSS: 57%CPEs: 6EXPL: 0CVE-2018-5378
https://notcve.org/view.php?id=CVE-2018-5378
The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash. El demonio Quagga BGP (bgpd), en versiones anteriores a la 1.2.3, no comprueba correctamente los límites de los datos enviados mediante NOTIFY a un peer, si una longitud de atributo es inválida. Los datos arbitrarios del proceso bgpd podrían enviarse a través de la red a un peer y/o bgpd podría cerrarse inesperadamente. • http://savannah.nongnu.org/forum/forum.php?forum_id=9095 http://www.kb.cert.org/vuls/id/940439 https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-0543.txt https://security.gentoo.org/glsa/201804-17 https://usn.ubuntu.com/3573-1 https://www.debian.org/security/2018/dsa-4115 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •