CVE-2007-4826

quagga bgpd DoS

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled.

bgpd en Quagga versiones anteriores a 0.99.9, permite que los peers BGP configurados explícitamente causen una denegación de servicio (bloqueo) por medio de (1) mensaje OPEN malformado o (2) un atributo COMMUNITY malformado, que desencadena una desreferencia del puntero NULL. NOTA: el vector 2 solo existe cuando la depuración está habilitada.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Partial

Attack Vector

Adjacent

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-09-11 CVE Reserved
2007-09-12 CVE Published
2024-08-07 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (21)

URL	Tag	Source
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.html	Mailing List
http://www.quagga.net/download/quagga-0.99.9.changelog.txt	X_refsource_confirm
https://exchange.xforce.ibmcloud.com/vulnerabilities/36551	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760	2017-07-29
http://secunia.com/advisories/26744	2017-07-29
http://www.securityfocus.com/bid/25634	2017-07-29

URL	Date	SRC
http://fedoranews.org/updates/FEDORA-2007-219.shtml	2017-07-29
http://secunia.com/advisories/26829	2017-07-29
http://secunia.com/advisories/26863	2017-07-29
http://secunia.com/advisories/27049	2017-07-29
http://secunia.com/advisories/29743	2017-07-29
http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1	2017-07-29
http://www.debian.org/security/2007/dsa-1382	2017-07-29
http://www.mandriva.com/security/advisories?name=MDKSA-2007:182	2017-07-29
http://www.redhat.com/support/errata/RHSA-2010-0785.html	2017-07-29
http://www.trustix.org/errata/2007/0028	2017-07-29
http://www.ubuntu.com/usn/usn-512-1	2017-07-29
http://www.vupen.com/english/advisories/2007/3129	2017-07-29
http://www.vupen.com/english/advisories/2008/1195/references	2017-07-29
https://access.redhat.com/security/cve/CVE-2007-4826	2010-10-20
https://bugzilla.redhat.com/show_bug.cgi?id=285691	2010-10-20

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				<= 0.99.8 Search vendor "Quagga" for product "Quagga" and version " <= 0.99.8"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.95 Search vendor "Quagga" for product "Quagga" and version "0.95"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.96 Search vendor "Quagga" for product "Quagga" and version "0.96"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.96.1 Search vendor "Quagga" for product "Quagga" and version "0.96.1"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.96.2 Search vendor "Quagga" for product "Quagga" and version "0.96.2"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.96.3 Search vendor "Quagga" for product "Quagga" and version "0.96.3"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.96.4 Search vendor "Quagga" for product "Quagga" and version "0.96.4"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.96.5 Search vendor "Quagga" for product "Quagga" and version "0.96.5"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.97.0 Search vendor "Quagga" for product "Quagga" and version "0.97.0"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.97.1 Search vendor "Quagga" for product "Quagga" and version "0.97.1"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.97.2 Search vendor "Quagga" for product "Quagga" and version "0.97.2"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.97.3 Search vendor "Quagga" for product "Quagga" and version "0.97.3"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.97.4 Search vendor "Quagga" for product "Quagga" and version "0.97.4"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.97.5 Search vendor "Quagga" for product "Quagga" and version "0.97.5"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.98.0 Search vendor "Quagga" for product "Quagga" and version "0.98.0"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.98.1 Search vendor "Quagga" for product "Quagga" and version "0.98.1"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.98.2 Search vendor "Quagga" for product "Quagga" and version "0.98.2"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.98.3 Search vendor "Quagga" for product "Quagga" and version "0.98.3"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.98.4 Search vendor "Quagga" for product "Quagga" and version "0.98.4"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.98.5 Search vendor "Quagga" for product "Quagga" and version "0.98.5"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.98.6 Search vendor "Quagga" for product "Quagga" and version "0.98.6"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.99.1 Search vendor "Quagga" for product "Quagga" and version "0.99.1"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.99.2 Search vendor "Quagga" for product "Quagga" and version "0.99.2"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.99.3 Search vendor "Quagga" for product "Quagga" and version "0.99.3"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.99.4 Search vendor "Quagga" for product "Quagga" and version "0.99.4"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.99.5 Search vendor "Quagga" for product "Quagga" and version "0.99.5"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.99.6 Search vendor "Quagga" for product "Quagga" and version "0.99.6"		-		Affected
Quagga Search vendor "Quagga"		Quagga Search vendor "Quagga" for product "Quagga"				0.99.7 Search vendor "Quagga" for product "Quagga" and version "0.99.7"		-		Affected