3.5

CVE-2007-4826

bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QuaggaQuagga Version <= 0.99.8
QuaggaQuagga Version0.95
QuaggaQuagga Version0.96
QuaggaQuagga Version0.96.1
QuaggaQuagga Version0.96.2
QuaggaQuagga Version0.96.3
QuaggaQuagga Version0.96.4
QuaggaQuagga Version0.96.5
QuaggaQuagga Version0.97.0
QuaggaQuagga Version0.97.1
QuaggaQuagga Version0.97.2
QuaggaQuagga Version0.97.3
QuaggaQuagga Version0.97.4
QuaggaQuagga Version0.97.5
QuaggaQuagga Version0.98.0
QuaggaQuagga Version0.98.1
QuaggaQuagga Version0.98.2
QuaggaQuagga Version0.98.3
QuaggaQuagga Version0.98.4
QuaggaQuagga Version0.98.5
QuaggaQuagga Version0.98.6
QuaggaQuagga Version0.99.1
QuaggaQuagga Version0.99.2
QuaggaQuagga Version0.99.3
QuaggaQuagga Version0.99.4
QuaggaQuagga Version0.99.5
QuaggaQuagga Version0.99.6
QuaggaQuagga Version0.99.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.69% 0.74
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29743
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1
http://www.vupen.com/english/advisories/2008/1195/references
Vendor Advisory
http://fedoranews.org/updates/FEDORA-2007-219.shtml
http://www.trustix.org/errata/2007/0028/
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.html
http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760
Patch
http://secunia.com/advisories/26744
Patch
Vendor Advisory
http://secunia.com/advisories/26829
Vendor Advisory
http://secunia.com/advisories/26863
Vendor Advisory
http://secunia.com/advisories/27049
Vendor Advisory
http://www.debian.org/security/2007/dsa-1382
http://www.mandriva.com/security/advisories?name=MDKSA-2007:182
http://www.quagga.net/download/quagga-0.99.9.changelog.txt
http://www.redhat.com/support/errata/RHSA-2010-0785.html
http://www.securityfocus.com/bid/25634
Patch
http://www.ubuntu.com/usn/usn-512-1
http://www.vupen.com/english/advisories/2007/3129
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/36551