Unrated severityNVD Advisory· Published Dec 15, 2003· Updated Jun 16, 2026
CVE-2003-0795
CVE-2003-0795
Description
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*range: <=0.96.3
- cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
- (no CPE)range: <0.96.4
- Range: <=0.93b
Patches
Vulnerability mechanics
References
5- www.debian.org/security/2004/dsa-415nvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2003-305.htmlnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2003-307.htmlnvdPatchVendor Advisory
- secunia.com/advisories/10563nvdVendor Advisory
- marc.infonvd
News mentions
0No linked articles in our index yet.