Unrated severityNVD Advisory· Published May 6, 2009· Updated Apr 23, 2026
CVE-2009-1572
CVE-2009-1572
Description
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.
Affected products
31cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*+ 30 more
- cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*range: <=0.99.11
- cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
- cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- www.debian.org/security/2009/dsa-1788nvdPatch
- bugs.debian.org/cgi-bin/bugreport.cginvdExploitPatch
- marc.infonvdExploitPatch
- thread.gmane.org/gmane.network.quagga.devel/6513nvdExploit
- secunia.com/advisories/34999nvdVendor Advisory
- secunia.com/advisories/35061nvdVendor Advisory
- secunia.com/advisories/35203nvdVendor Advisory
- secunia.com/advisories/35685nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2009/05/01/1nvd
- www.openwall.com/lists/oss-security/2009/05/01/2nvd
- www.osvdb.org/54200nvd
- www.securityfocus.com/bid/34817nvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/usn-775-1nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/50317nvd
- www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.htmlnvd
News mentions
0No linked articles in our index yet.