Vulnerabilities (CVE)

Vendor filter

Quagga Subscribe

Product filter

Quagga Subscribe

Filter

31 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-5381 3 Quagga, Canonical, Debian 3 Quagga, Ubuntu Linux, Debian Linux 2019-10-09 5.0
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a...
CVE-2018-5380 3 Quagga, Debian, Canonical 3 Quagga, Debian Linux, Ubuntu Linux 2019-10-09 4.0
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
CVE-2018-5379 4 Quagga, Debian, Canonical and 1 more 8 Quagga, Debian Linux, Ubuntu Linux and 5 more 2019-10-09 7.5
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially...
CVE-2018-5378 3 Quagga, Debian, Canonical 3 Quagga, Debian Linux, Ubuntu Linux 2019-10-09 4.9
The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash.
CVE-2017-3224 3 Quagga, Redhat, Suse 4 Quagga, Package Manager, Opensuse and 1 more 2019-10-09 4.3
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined...
CVE-2016-4049 3 Novell, Quagga, Opensuse 5 Leap, Quagga, Opensuse and 2 more 2018-10-30 5.0
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
CVE-2006-2223 1 Quagga 1 Quagga 2018-10-18 5.0
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via...
CVE-2006-2276 1 Quagga 1 Quagga 2018-10-03 4.9
bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.
CVE-2012-0255 1 Quagga 1 Quagga 2018-01-18 5.0
The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a...
CVE-2012-0250 1 Quagga 1 Quagga 2018-01-18 3.3
Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement...
CVE-2012-0249 1 Quagga 1 Quagga 2018-01-18 3.3
Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State...
CVE-2011-3327 1 Quagga 1 Quagga 2018-01-06 7.5
Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP...
CVE-2011-3326 1 Quagga 1 Quagga 2018-01-06 5.0
The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message.
CVE-2011-3325 1 Quagga 1 Quagga 2018-01-06 5.0
ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.
CVE-2011-3324 1 Quagga 1 Quagga 2018-01-06 5.0
The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State...
CVE-2011-3323 1 Quagga 1 Quagga 2018-01-06 5.0
The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.
CVE-2010-2949 1 Quagga 1 Quagga 2018-01-06 5.0
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
CVE-2010-2948 1 Quagga 1 Quagga 2018-01-06 6.5
Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a...
CVE-2010-1675 1 Quagga 1 Quagga 2018-01-06 5.0
bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.
CVE-2010-1674 1 Quagga 1 Quagga 2018-01-06 5.0
The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute.