Podatność CVE-2009-1572


Publikacja: 2009-05-06   Modyfikacja: 2012-02-13

Opis:
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
BGP 4-byte ASN bug fixes
Chris Caputo
08.05.2009

Typ:

CWE-Other

Producent: Quagga
Produkt: Quagga 
Wersje:
0.99.9
0.99.8
0.99.7
0.99.6
0.99.5
0.99.4
0.99.3
0.99.2
0.99.11
0.99.10
0.99.1
0.98.6
0.98.5
0.98.4
0.98.3
0.98.2
0.98.1
0.98.0
0.97.5
0.97.4
0.97.3
0.97.2
0.97.1
0.97.0
0.96.5
0.96.4
0.96.3
0.96.2
0.96.1
0.96
0.95

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
5/10
2.9/10
10/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Brak
Brak
Częściowy

 Referencje:
http://www.debian.org/security/2009/dsa-1788
http://marc.info/?l=quagga-dev&m=123364779626078&w=2
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html
http://xforce.iss.net/xforce/xfdb/50317
http://www.ubuntu.com/usn/usn-775-1
http://www.securitytracker.com/id?1022164
http://www.securityfocus.com/bid/34817
http://www.osvdb.org/54200
http://www.openwall.com/lists/oss-security/2009/05/01/2
http://www.openwall.com/lists/oss-security/2009/05/01/1
http://www.mandriva.com/security/advisories?name=MDVSA-2009:109
http://thread.gmane.org/gmane.network.quagga.devel/6513
http://secunia.com/advisories/35685
http://secunia.com/advisories/35203
http://secunia.com/advisories/35061
http://secunia.com/advisories/34999
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

Podobne CVE
CVE-2017-3224
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by ...
CVE-2018-5381
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Proto...
CVE-2018-5380
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
CVE-2018-5379
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an...
CVE-2018-5378
The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may c...
CVE-2017-16227
The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequent...
CVE-2016-1245
It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BU...
CVE-2017-5495
All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI ...

Copyright 2019, cxsecurity.com

 

Back to Top