5

CVE-2009-1572

Exploit
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QuaggaQuagga Version <= 0.99.11
QuaggaQuagga Version0.95
QuaggaQuagga Version0.96
QuaggaQuagga Version0.96.1
QuaggaQuagga Version0.96.2
QuaggaQuagga Version0.96.3
QuaggaQuagga Version0.96.4
QuaggaQuagga Version0.96.5
QuaggaQuagga Version0.97.0
QuaggaQuagga Version0.97.1
QuaggaQuagga Version0.97.2
QuaggaQuagga Version0.97.3
QuaggaQuagga Version0.97.4
QuaggaQuagga Version0.97.5
QuaggaQuagga Version0.98.0
QuaggaQuagga Version0.98.1
QuaggaQuagga Version0.98.2
QuaggaQuagga Version0.98.3
QuaggaQuagga Version0.98.4
QuaggaQuagga Version0.98.5
QuaggaQuagga Version0.98.6
QuaggaQuagga Version0.99.1
QuaggaQuagga Version0.99.2
QuaggaQuagga Version0.99.3
QuaggaQuagga Version0.99.4
QuaggaQuagga Version0.99.5
QuaggaQuagga Version0.99.6
QuaggaQuagga Version0.99.7
QuaggaQuagga Version0.99.8
QuaggaQuagga Version0.99.9
QuaggaQuagga Version0.99.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.52% 0.877
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/35685
Vendor Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311
Patch
Exploit
http://marc.info/?l=quagga-dev&m=123364779626078&w=2
Patch
Exploit
http://secunia.com/advisories/34999
Vendor Advisory
http://secunia.com/advisories/35061
Vendor Advisory
http://secunia.com/advisories/35203
Vendor Advisory
http://thread.gmane.org/gmane.network.quagga.devel/6513
Exploit
http://www.debian.org/security/2009/dsa-1788
Patch
http://www.mandriva.com/security/advisories?name=MDVSA-2009:109
http://www.openwall.com/lists/oss-security/2009/05/01/1
http://www.openwall.com/lists/oss-security/2009/05/01/2
http://www.osvdb.org/54200
http://www.securityfocus.com/bid/34817
http://www.securitytracker.com/id?1022164
http://www.ubuntu.com/usn/usn-775-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/50317
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html