Denial of Service : Quagga Denial of Service Vulnerability

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800710

Categoría: Denial of Service

Título: Quagga Denial of Service Vulnerability

Resumen: This host is installed with Quagga for Linux and is prone to; Denial of Service Vulnerability.

Descripción: Summary:
This host is installed with Quagga for Linux and is prone to
Denial of Service Vulnerability.

Vulnerability Insight:
This flaw is due to an assertion error in the BGP daemon while handling
an AS path containing multiple 4 byte AS numbers.

Vulnerability Impact:
Successful exploitation will let the attacker crash the daemon by advertising
specially crafted AS paths and cause denial of service.

Affected Software/OS:
Quagga version 0.99.11 and prior.

Solution:
Apply the patch from the referenced mailinglist posting.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: BugTraq ID: 34817
Common Vulnerability Exposure (CVE) ID: CVE-2009-1572
http://www.securityfocus.com/bid/34817
Debian Security Information: DSA-1788 (Google Search)
http://www.debian.org/security/2009/dsa-1788
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:109
http://thread.gmane.org/gmane.network.quagga.devel/6513
http://www.openwall.com/lists/oss-security/2009/05/01/1
http://www.openwall.com/lists/oss-security/2009/05/01/2
http://marc.info/?l=quagga-dev&m=123364779626078&w=2
http://www.osvdb.org/54200
http://www.securitytracker.com/id?1022164
http://secunia.com/advisories/34999
http://secunia.com/advisories/35061
http://secunia.com/advisories/35203
http://secunia.com/advisories/35685
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://www.ubuntu.com/usn/usn-775-1
XForce ISS Database: quagga-systemnumber-dos(50317)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50317

Copyright Copyright (C) 2009 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800710
Categoría:	Denial of Service
Título:	Quagga Denial of Service Vulnerability
Resumen:	This host is installed with Quagga for Linux and is prone to; Denial of Service Vulnerability.
Descripción:	Summary: This host is installed with Quagga for Linux and is prone to Denial of Service Vulnerability. Vulnerability Insight: This flaw is due to an assertion error in the BGP daemon while handling an AS path containing multiple 4 byte AS numbers. Vulnerability Impact: Successful exploitation will let the attacker crash the daemon by advertising specially crafted AS paths and cause denial of service. Affected Software/OS: Quagga version 0.99.11 and prior. Solution: Apply the patch from the referenced mailinglist posting. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	BugTraq ID: 34817 Common Vulnerability Exposure (CVE) ID: CVE-2009-1572 http://www.securityfocus.com/bid/34817 Debian Security Information: DSA-1788 (Google Search) http://www.debian.org/security/2009/dsa-1788 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:109 http://thread.gmane.org/gmane.network.quagga.devel/6513 http://www.openwall.com/lists/oss-security/2009/05/01/1 http://www.openwall.com/lists/oss-security/2009/05/01/2 http://marc.info/?l=quagga-dev&m=123364779626078&w=2 http://www.osvdb.org/54200 http://www.securitytracker.com/id?1022164 http://secunia.com/advisories/34999 http://secunia.com/advisories/35061 http://secunia.com/advisories/35203 http://secunia.com/advisories/35685 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://www.ubuntu.com/usn/usn-775-1 XForce ISS Database: quagga-systemnumber-dos(50317) https://exchange.xforce.ibmcloud.com/vulnerabilities/50317
Copyright	Copyright (C) 2009 Greenbone Networks GmbH