VYPR
Unrated severityNVD Advisory· Published Apr 12, 2007· Updated Jun 16, 2026

CVE-2007-1995

CVE-2007-1995

Description

bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

23
  • cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*range: <=0.98.6
    • cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
    • cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
    • (no CPE)range: <=0.98.6, <=0.99.6
  • osv-coords2 versions
    < 0.99.6-5+ 1 more
    • (no CPE)range: < 0.99.6-5
    • (no CPE)range: < 1.2.4-2.14

Patches

Vulnerability mechanics

References

26

News mentions

0

No linked articles in our index yet.