VYPR

Quagga

by Quagga (software)

CVEs (37)

  • CVE-2013-2236Oct 24, 2013
    risk 0.00cvss epss 0.02

    Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.

  • CVE-2012-1820Jun 13, 2012
    risk 0.00cvss epss 0.01

    The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an…

  • CVE-2012-0255Apr 5, 2012
    risk 0.00cvss epss 0.03

    The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number…

  • CVE-2012-0250Apr 5, 2012
    risk 0.00cvss epss 0.01

    Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure…

  • CVE-2012-0249Apr 5, 2012
    risk 0.00cvss epss 0.02

    Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is…

  • CVE-2011-3326Oct 10, 2011
    risk 0.00cvss epss 0.05

    The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message.

  • CVE-2011-3325Oct 10, 2011
    risk 0.00cvss epss 0.05

    ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.

  • CVE-2011-3324Oct 10, 2011
    risk 0.00cvss epss 0.05

    The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of…

  • CVE-2011-3323Oct 10, 2011
    risk 0.00cvss epss 0.05

    The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.

  • CVE-2010-1675Mar 29, 2011
    risk 0.00cvss epss 0.03

    bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.

  • CVE-2010-2949Sep 10, 2010
    risk 0.00cvss epss 0.03

    bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.

  • CVE-2010-2948Sep 10, 2010
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF)…

  • CVE-2009-1572May 6, 2009
    risk 0.00cvss epss 0.04

    The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.

  • CVE-2007-4826Sep 12, 2007
    risk 0.00cvss epss 0.02

    bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled.

  • CVE-2007-1995Apr 12, 2007
    risk 0.00cvss epss 0.02

    bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages…

  • CVE-2006-2276May 10, 2006
    risk 0.00cvss epss 0.01

    bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.

  • CVE-2003-0858Dec 15, 2003
    risk 0.00cvss epss 0.00

    Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

Page 2 of 2